General
Target: 24f2a7a143d61e29281d7c3eec97da0b34afda759e3ccf173ddd0a1bb4ca5e28
Size: 34KB
Sample: 221128-e4js2aag5t
MD5: eabaa34ecef5051385c12c06a59fb982
SHA1: 18552c814f5d877cf40dd4b933e1c90f311a39c5
SHA256: 24f2a7a143d61e29281d7c3eec97da0b34afda759e3ccf173ddd0a1bb4ca5e28
SHA512: fafbea3bf1ae47d7a77c9120815326694d4a26ea49eed352dd2002bf8c5d19b2e9654d40388c99196a8e60a41623541b056f60743872c693da74cef17a7511c0
SSDEEP: 768:cRFcm2wdRawt9YCqObgarB8ZU7XsSeuVeeP7GiQS/+neKA9zafr5kWHvH3:Ug8awt9hgaN/xVwTlAtVUX
Behavioral task
behavioral1
Sample
24f2a7a143d61e29281d7c3eec97da0b34afda759e3ccf173ddd0a1bb4ca5e28.exe
Resource
win7-20220812-en
Malware Config
Extracted
pony
http://188.166.15.172/pony/Panel/gate.php
Targets
-
-
Target
24f2a7a143d61e29281d7c3eec97da0b34afda759e3ccf173ddd0a1bb4ca5e28
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-