General

  • Target

    f3cd6aebf16fc415df212e70fc88fad4826d3f2fb95fceb0a0d9d1cbfcd8d854

  • Size

    91KB

  • MD5

    3b55b9b948aec4fd7b8a51a5f9251eb0

  • SHA1

    8abde42e06b59c760595ae7807e49628c4a9e1ab

  • SHA256

    f3cd6aebf16fc415df212e70fc88fad4826d3f2fb95fceb0a0d9d1cbfcd8d854

  • SHA512

    fa68cf076c20dfcf500af637c00f85a6e04753e642c0b33495d066d4390bde0556b5c6222cde33403cc546078fda53a5ad9a26ad5944fbefb9805038bb1d0e04

  • SSDEEP

    1536:PZlHAiR5S+zSqTBsEYsw1Jyt4CwgDc5mgO7olTvDkzbl/3:hq655XY1MKCwcgOcGl/3

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://talentos.clicken1.com:81/ponyf/gate.php

http://panama.clicken1.com:81/ponyf/gate.php

http://monteazul.clicken1.com:81/ponyf/gate.php

http://199.168.184.198:81/ponyf/gate.php

Attributes
  • payload_url

    http://pje-llc.com/c10TrJ.exe

    http://dtmonalimb.com/kPKbPfAE.exe

    http://208.2.139.48/sGozBy.exe

Signatures

Files

  • f3cd6aebf16fc415df212e70fc88fad4826d3f2fb95fceb0a0d9d1cbfcd8d854
    .exe windows x86

    d6cd9cecc12ba283fd2bf86a18ca964e

