General
-
Target
45bc3c914a007419f3b2e48ba6f88263_JaffaCakes118
-
Size
90KB
-
MD5
45bc3c914a007419f3b2e48ba6f88263
-
SHA1
123969f488671336386e639a5f7f3e464093a2d2
-
SHA256
da0994836b03fa1c26d57860bf44e356cb063b548622c58f718e43fbdf9ed7ba
-
SHA512
d747d6c1fb3ace9f53f95c38c95327f937639900233e9d835f396f4f4a8929124ed3bcc50b08cabcb4c51164bf07b5019615d9883cad957252f1b4cb9335e0c1
-
SSDEEP
1536:UnSncgyGqTDRXmGcwSCfZDalZNg9tvo0iO3AX4ApTvMEIEkzmt2l:2SnMuGc/CfZDap6COU45EIItm
Score
10/10
Malware Config
Extracted
Family
pony
C2
http://rhombus-rolen.com/trip/gate.php
Attributes
-
payload_url
http://rhombus-rolen.com/trip.exe
Signatures
-
Pony family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
45bc3c914a007419f3b2e48ba6f88263_JaffaCakes118
Headers
Sections