General
Target: 8c69803f7d5df4739b070900820265a0251713c6733c3a7979e33b4d424352a2
Size: 83KB
Sample: 221128-lcz49sgf9w
MD5: 8c19e61ff1711a1d7cd1e7a1588fb620
SHA1: ba69f8469d42aff6f392c9684ced29431b7b5309
SHA256: 8c69803f7d5df4739b070900820265a0251713c6733c3a7979e33b4d424352a2
SHA512: ddd4904f5e02b125cf5f4467ad3a7e5a2a4ccb05bef553f891916265320f1dbac0d8df181eb669ea541eb9a3248bcf5a875b3a7ac5a1c2c92cf2f38b59a54196
SSDEEP: 1536:kYlivyAUtutS9ffp1TERcQdlJh0Ptfk3b4fOgMNo2BdM:kYlivyASvffpCR/qk3b4Gggo2Bd
Static task: static1
Behavioral task: behavioral1
Sample: 8c69803f7d5df4739b070900820265a0251713c6733c3a7979e33b4d424352a2.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 8c69803f7d5df4739b070900820265a0251713c6733c3a7979e33b4d424352a2.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
pony
http://sellocalidadtdf.com.ar/psd/gate.php
Targets
Checks computer location settings: Looks up the country code configured in the registry, likely for geofencing.
Loads dropped DLL
Accesses Microsoft Outlook accounts
Accesses Microsoft Outlook profiles
Adds Run key to start application
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Suspicious use of SetThreadContext