General
-
Target
0615ca71184bf618d4bbec762102b310_JaffaCakes118
-
Size
41KB
-
Sample
240428-z2zrpahc77
-
MD5
0615ca71184bf618d4bbec762102b310
-
SHA1
3b5c21f916ef25227282ff12454989fe5fe1043c
-
SHA256
3d4da5d6f0caad10fbd8cbf08dcd20fa7246f948ab02bbc26b840452e1117bb4
-
SHA512
28718087b81716421eda7850ede9d6a110b53f356da643ad13355af8ddb11c6f6095de777532c35e72d34844f8f8a0146fcb1c9ed4759fdd85e96ccde728220d
-
SSDEEP
768:/KxRf2Nohyrff9IUzF/CNqaVIAV2FjGRTDNwJxE:/K3fio0FFZCNT2c22ge
Behavioral task
behavioral1
Sample
Pony.exe
Resource
win7-20231129-en
Malware Config
Extracted
pony
http://genic-enterprises.website/www/gate.php
Targets
-
Target
Pony.exe
-
Size
89KB
-
MD5
ca381a2a93d10d033ba1251927c38775
-
SHA1
8d6e345bdb55002779304519f026fb4b4e67d128
-
SHA256
f508aab83a08d9a8d9f2274bc967cba51dde8c9e045bcc647df061d86a186f1b
-
SHA512
85b6339bdbec8ac014439df73f9ef062139c8197023bdc1f703448b95f1d4dc5a01e7aba9093ef6934aa94089c5319ee3f5384e4f479b94f5004e3c5d59e6fa8
-
SSDEEP
1536:HEAwP87MqTbX+ZlIk8q0pTs/XS+z1F+OXBbGTv8E6hkzm8Ty:kAnaA3p4wOpE69X
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Deletes itself
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-