General

  • Target

    42b750ea3aec5f5ec06a47189fcfab8c_JaffaCakes118

  • Size

    90KB

  • MD5

    42b750ea3aec5f5ec06a47189fcfab8c

  • SHA1

    5faa64e20595e7dfc2a61fc520f6a28086c88373

  • SHA256

    01ba080070ff70135db03d71ff8e98bfa7c212171fd7bcfe17e1460c67e95a47

  • SHA512

    faaa143abe16e4389546c64ef1074eef03d8abe7e04a43be5465ab01135fd23b39ef52ecb46e04f0f206ab45a3717cc4bbf8bf2cc5333166be74d37555e53b1a

  • SSDEEP

    1536:UnSncgyGqTDRXmGcwSCfZDalZNg9tvo0iO3AX4ApTvMEInkzmt2l:2SnMuGc/CfZDap6COU45EI3tm

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://xdrppped.com.ng/xc/panel/gate.php

Attributes
  • payload_url

    http://xdrppped.com.ng/xc/panel/shit.exe

Signatures

  • Pony family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 42b750ea3aec5f5ec06a47189fcfab8c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

