General
-
Target
22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb
-
Size
31KB
-
Sample
221127-m4wftsff2s
-
MD5
e0cb9be97c1cef47582b920bdfaa1c10
-
SHA1
a2ea67448c352dc51a1d0f77d55bb1da760b8d2b
-
SHA256
22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb
-
SHA512
68123aa13a375c1e710852ed7835ae592d3518fb1403585e5bf1de929c13f4abc9879e459ceb745375dee5cbe664cf0f81d24c28ad20308000d8c4e1befdb3a3
-
SSDEEP
768:rXRBH69uDjpez1AhgQ9ZPj0JFDKQb7tO0Kow:9BaxpAhgex0JFLh/Ko
Behavioral task
behavioral1
Sample
22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://safehosters.org/my/gate.php
Targets
Target
22d9300fd61f473d078ed4dac161adf548dda3dbd25834c612949a64a9580bfb
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-