General

  • Target

    1603bdbf486a1e86dfb3729a8c520aef_JaffaCakes118

  • Size

    2.6MB

  • MD5

    1603bdbf486a1e86dfb3729a8c520aef

  • SHA1

    99d4146103faa7ab65ce6f06500744ca7648a12f

  • SHA256

    f1302326f708698963e5ebc50a737f4fc66112f5a3f7c14679f3b1783d373c2b

  • SHA512

    912c0114d5efc6eb678389e5f147f47f70ed40fb5d536f921c22f359aed5673c345ece5d8cd50f75eab8417d25838bb6150239c9334e8d2fe468f83ed07fae95

  • SSDEEP

    49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrlO:86SIROiFJiwp0xlrlO

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1603bdbf486a1e86dfb3729a8c520aef_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

