General
-
Target
7a51d87f905febdacd9f3cddf2b6af2ad74cb727e9a40d842c54d3a6cf9a2a76
-
Size
123KB
-
Sample
221127-qkntesaf66
-
MD5
0e6efcca2be3f82c3c05494895fb335a
-
SHA1
7da8a13e52792e4d7226c549b21a7cbb88873990
-
SHA256
7a51d87f905febdacd9f3cddf2b6af2ad74cb727e9a40d842c54d3a6cf9a2a76
-
SHA512
5ef4e031e2cb1dc10b29bf0dc1e80f9615b1d0fed110d649a1a34b159e98b5280cbfcab7c3634a06c17e4572bb5a7953731a9ac652c712c4943051d31f96ef04
-
SSDEEP
3072:PWdGumsu5Ecj4uZwbNj4K/UZUtobN2J1B:PWTmsu5nZU4WE/w
Static task
static1
Behavioral task
behavioral1
Sample
7a51d87f905febdacd9f3cddf2b6af2ad74cb727e9a40d842c54d3a6cf9a2a76.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://50.7.139.5/panel/gate.php
Targets
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-