General
Target: 2d6e0b0c238e2377d4557116af8b8bec72abc22464b863b55abd337cf21e9ca6
Size: 34KB
Sample: 221126-k3qg3sfg96
MD5: 5376076de2432d3b173a8cd8650c5e9b
SHA1: 956bc8f5ff2a6c04a662b0567e597bbc58862b9f
SHA256: 2d6e0b0c238e2377d4557116af8b8bec72abc22464b863b55abd337cf21e9ca6
SHA512: aed99bf206163736e9dcb189bbd4c34bac9cb261dfa3ff945555fa30475e8196f612c4e6cd39678eaf1f8fcad04659a8ee1ca66e33d46f8903507c051ce214be
SSDEEP: 768:mebIFTipO74y41XbpIzwLMFsT5QQGQC4FgfK:L0wpOUFXbezdTrQNFgC
Behavioral task
behavioral1
Sample: 2d6e0b0c238e2377d4557116af8b8bec72abc22464b863b55abd337cf21e9ca6.exe
Resource: win7-20220901-en
Malware Config
Extracted
pony
http://osundefoundations.com/n/Panel/gate.php
payload_url: http://osundefoundations.com/n/Panel/ma.exe
Targets
Target: 2d6e0b0c238e2377d4557116af8b8bec72abc22464b863b55abd337cf21e9ca6
Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Deletes itself

Accesses Microsoft Outlook accounts

Accesses Microsoft Outlook profiles

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.