General
-
Target
e3ea79a9f0d4c3f4f20ea36a04c0d5e9_JaffaCakes118
-
Size
115KB
-
Sample
240407-dlk3psca47
-
MD5
e3ea79a9f0d4c3f4f20ea36a04c0d5e9
-
SHA1
13156f0ab29f1f76fcdd28f4552d4633f8d08ee4
-
SHA256
5b870317c68e217d9da0b36fee9d388fcc82d4463f5345ab5f5d83385911fae6
-
SHA512
4ad72d4358138cebc99f3ed18d28b5014e8916c2dfdf013ceee6a13a4566863175ebb9adb88d7f27af40930950b232095ce0e2e714a6f7fce659a8e005ce456d
-
SSDEEP
3072:aYLtpPCTV2axIvjZjTZkXNeqXvWEzertAedPXC6Y1iR9:LfSKvZKXNeq/I5/rY4R
Malware Config
Extracted
pony
http://212.58.20.11/forum/viewtopic.php
http://216.119.142.158/forum/viewtopic.php
-
payload_url
http://autostate.net/GBV2bs.exe
http://oficecleaningsydney.com.au/KzAh.exe
http://acapulcotown.com/Y7CDsdL.exe
Targets
-
-
Target
e3ea79a9f0d4c3f4f20ea36a04c0d5e9_JaffaCakes118
-
Size
115KB
-
MD5
e3ea79a9f0d4c3f4f20ea36a04c0d5e9
-
SHA1
13156f0ab29f1f76fcdd28f4552d4633f8d08ee4
-
SHA256
5b870317c68e217d9da0b36fee9d388fcc82d4463f5345ab5f5d83385911fae6
-
SHA512
4ad72d4358138cebc99f3ed18d28b5014e8916c2dfdf013ceee6a13a4566863175ebb9adb88d7f27af40930950b232095ce0e2e714a6f7fce659a8e005ce456d
-
SSDEEP
3072:aYLtpPCTV2axIvjZjTZkXNeqXvWEzertAedPXC6Y1iR9:LfSKvZKXNeq/I5/rY4R
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-