General

  • Target

    3445d710464bbc7a3f37d5775275c28ec609a8bf86aec215601054c81ecf415d

  • Size

    2.2MB

  • MD5

    d8fd934802f9c373331197b7fd64975c

  • SHA1

    76cf2e77118370aeb9e2ffa0232579b5f5ae53bf

  • SHA256

    3445d710464bbc7a3f37d5775275c28ec609a8bf86aec215601054c81ecf415d

  • SHA512

    06fc4dc825664cf31ccbf9a290c40ebb59987afac39082748d781d4b72ca249525f5fbe09a25f914613d498b413b5a06f2e6fc86886b84fc4777ebf964349444

  • SSDEEP

    24576:0UzNkyrbtjbGixCOPKH2I1iIWILtfOIJ+HKodCHPC0cF3u7P1+eWQ8f/x52vHNZ3:0UzeyQMS4DqodCnoe+iitjWwwT

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Detects executables referencing many file transfer clients. Observed in information stealers. (1 IoC)
  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 3445d710464bbc7a3f37d5775275c28ec609a8bf86aec215601054c81ecf415d
    .exe windows:4 windows x86 arch:x86

