General

  • Target

    c498ca58787c20c585be68c0611424a2.exe

  • Size

    89KB

  • MD5

    c498ca58787c20c585be68c0611424a2

  • SHA1

    d233131e708a8bf21dfdf7424157aa589ab4d247

  • SHA256

    b38cfabf3ec239e3568956eb56e77122a9a38a8bc5fd4119cec1bb9b4a55676b

  • SHA512

    700ff6cc4b95fb434d8a35b1faef9ad1fba292c3cf233a3f28affc40ba310f5722bef705c00e9cc6ae09de2098ab295befac4da83ba987dec9919e21228fe571

  • SSDEEP

    1536:tD30/SuqTo/RidCtWMB94XGpu05gstdUOc8EpTvxEgQASkzZXA:F3JFCtDBqXid56OcJEgVXA

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://212.58.20.11/forum/viewtopic.php

http://96.47.0.166/forum/viewtopic.php

Attributes
  • payload_url

    http://www.69briarwoodpath.com/3heK1tQH.exe

    http://budgetink.ca/LTRa4.exe

    http://ftp.certifiedfolder.com/hpexKwV.exe

    http://marottamare.it/ha0.exe
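The extracted config above is only useful once it is turned into something that can be checked against traffic. The following is an added example, not part of the sandbox report or the Pony tooling, that builds indicators from the C2 and payload_url values listed on this page and runs them over a few constructed proxy log lines (the `timestamp src_ip METHOD url status` format and the log entries are assumptions made for the demo). A C2 hit requires both the host and the path, because `/forum/viewtopic.php` is an ordinary phpBB path that any legitimate forum serves; a request to an IoC host with a different path is reported as a weak hit for an analyst to review rather than dropped.

```python
# Added example for this page: match extracted Pony IoCs against proxy logs.
# Not the sandbox's own code. Log format and log lines are constructed.
from urllib.parse import urlsplit

# Values copied from the extracted config on this page.
C2_URLS = [
    "http://212.58.20.11/forum/viewtopic.php",
    "http://96.47.0.166/forum/viewtopic.php",
]
PAYLOAD_URLS = [
    "http://www.69briarwoodpath.com/3heK1tQH.exe",
    "http://budgetink.ca/LTRa4.exe",
    "http://ftp.certifiedfolder.com/hpexKwV.exe",
    "http://marottamare.it/ha0.exe",
]


def indicators(urls, kind):
    """Normalise each URL into a (host, path) indicator tagged with its role."""
    out = []
    for u in urls:
        p = urlsplit(u)
        out.append({"kind": kind, "host": (p.hostname or "").lower(),
                    "path": p.path, "url": u})
    return out


IOCS = indicators(C2_URLS, "c2") + indicators(PAYLOAD_URLS, "payload")


def match_log_line(line):
    """Return a hit dict for one log line, or None.

    Assumed (constructed) line format: 'timestamp src_ip METHOD url status'.
    strong = host and path match an IoC exactly; weak = host only.
    """
    fields = line.split()
    if len(fields) < 4:
        return None
    src, method, url = fields[1], fields[2], fields[3]
    p = urlsplit(url)
    host = (p.hostname or "").lower()
    weak = None
    for ioc in IOCS:
        if ioc["host"] != host:
            continue
        hit = {"kind": ioc["kind"], "src": src, "method": method, "ioc": ioc["url"]}
        if p.path == ioc["path"]:
            hit["strength"] = "strong"
            return hit
        if weak is None:
            hit["strength"] = "weak"
            weak = hit
    return weak


def scan(log_text):
    """Run every line through match_log_line and collect the hits in order."""
    return [h for h in (match_log_line(l) for l in log_text.splitlines()) if h]


# Constructed sample log: one beacon, one payload fetch, one benign forum
# visit on a different host, and one unrelated request to an IoC host.
SAMPLE_LOG = """\
2024-01-01T10:00:00Z 10.0.0.12 POST http://212.58.20.11/forum/viewtopic.php 200
2024-01-01T10:00:05Z 10.0.0.12 GET http://www.69briarwoodpath.com/3heK1tQH.exe 200
2024-01-01T10:01:00Z 10.0.0.33 GET http://forum.example.org/forum/viewtopic.php?t=12 200
2024-01-01T10:02:00Z 10.0.0.12 GET http://budgetink.ca/index.html 200
"""

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Payload hosts on this list look like compromised legitimate sites rather than attacker infrastructure, so a weak hit on one of them (any path on `budgetink.ca`, say) deserves a look but is not on its own evidence of infection; the strong C2 hit from the same source address is.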

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.
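The "Unsigned PE" signature fires when the sample carries no embedded Authenticode signature. The check itself is cheap: an embedded signature lives in the Attribute Certificate Table, which the PE optional header points to through data directory entry 4 (IMAGE_DIRECTORY_ENTRY_SECURITY). If that entry is absent or zero, the file is unsigned. The following is an added example written for this page, not the sandbox's own implementation, that reads the entry with only the standard library. The PE bytes it runs on are constructed by a helper in the block, not taken from the sample above.

```python
# Added example for this page: detect a missing Authenticode signature by
# reading IMAGE_DIRECTORY_ENTRY_SECURITY. Not the sandbox's own code.
# build_minimal_pe() fabricates headers for the demo; it is not a real PE.
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC = 0x10B
PE32PLUS_MAGIC = 0x20B
DATA_DIR_COUNT = 16


def security_directory(data):
    """Return (file_offset, size) of the Attribute Certificate Table, or
    None when the PE has no usable security directory entry (unsigned).

    Note: unlike every other data directory, the security entry holds a raw
    file offset, not an RVA, because the certificate table is not mapped.
    """
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER, 20 bytes
    size_of_opt = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20                          # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == PE32_MAGIC:
        first_dir = 96                       # PE32: directories start at +96
    elif magic == PE32PLUS_MAGIC:
        first_dir = 112                      # PE32+: directories start at +112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    num_dirs = struct.unpack_from("<I", data, opt + first_dir - 4)[0]
    entry = opt + first_dir + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    # Truncated or hostile headers: treat an out-of-range entry as absent.
    if num_dirs <= IMAGE_DIRECTORY_ENTRY_SECURITY or entry + 8 > opt + size_of_opt:
        return None
    offset, size = struct.unpack_from("<II", data, entry)
    if offset == 0 or size == 0 or offset + size > len(data):
        return None
    return offset, size


def is_unsigned(data):
    """True when no embedded Authenticode blob is referenced by the headers."""
    return security_directory(data) is None


def build_minimal_pe(cert_offset=0, cert_size=0, pe32plus=False, total_size=0x1000):
    """Constructed test input: DOS stub, PE signature, COFF header and an
    optional header with 16 data directories, padded to total_size bytes."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)            # e_lfanew
    first_dir = 112 if pe32plus else 96
    opt = bytearray(first_dir + 8 * DATA_DIR_COUNT)
    struct.pack_into("<H", opt, 0, PE32PLUS_MAGIC if pe32plus else PE32_MAGIC)
    struct.pack_into("<I", opt, first_dir - 4, DATA_DIR_COUNT)  # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, first_dir + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                     cert_offset, cert_size)
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32plus else 0x14C,
                       1, 0, 0, 0, len(opt), 0x102)
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt)
    return image + b"\0" * (total_size - len(image))


if __name__ == "__main__":
    print("unsigned:", is_unsigned(build_minimal_pe()))
    print("signed:  ", security_directory(build_minimal_pe(0x400, 0x800)))
```

Two caveats when using this as a triage check. A non-empty entry only means a PKCS#7 blob is embedded; it says nothing about whether the signature verifies, whether the hash covers the file, or whether the certificate is trusted, so a positive result still needs a real verifier. Conversely, a file with no entry may still be signed through a Windows catalog, which is common for OS components but not for a stray download like this sample.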

Files

  • c498ca58787c20c585be68c0611424a2.exe
    .exe windows x86

    2c8567c932832b8c3359ddf9343a4028