General
-
Target
92da2bfda36c776b7fd62a11a2639669e1a442a0af8b8b3bfa1d5abef5bdc210
-
Size
34KB
-
Sample
221126-vjp3baab42
-
MD5
135c823deda3d2508ecef6f032463195
-
SHA1
6069f5a24ab841c1f4c68a8e1412e31c8a667993
-
SHA256
92da2bfda36c776b7fd62a11a2639669e1a442a0af8b8b3bfa1d5abef5bdc210
-
SHA512
d3d9aa4a0108e42d8eaa68192b14b6ef59b14b9dacd366dcd1423e43343e56e7176008f5499a01ce5f307f47b044fb0e65fe9db780feeeaf7d98aa4750ba9283
-
SSDEEP
768:4xiphr2HkRRhHRuGKH1BEUIbGysK2femo7lbVSQanJ:Gk12onKVBEUIjcfbopb4LJ
Behavioral task
behavioral1
Sample
92da2bfda36c776b7fd62a11a2639669e1a442a0af8b8b3bfa1d5abef5bdc210.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://akdoganevdeneve.net/wp-content/Panel/gate.php
Targets
-
-
Target
92da2bfda36c776b7fd62a11a2639669e1a442a0af8b8b3bfa1d5abef5bdc210
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-