General

  • Target

    580caa5d9f91a33836d091684bbffa09JaffaCakes118

  • Size

    112KB

  • MD5

    580caa5d9f91a33836d091684bbffa09

  • SHA1

    2c3ddc9ae4259293342b168b02de6addb0603b1a

  • SHA256

    c514796762b871575c4bff6b4200096a9cb5bc6ff02c37cf0f7fc3c85f2ba285

  • SHA512

    1bc515ac98dde90d2e55399cba993c062a347fb6076531ee5525fa526a396692f738a65db674e860412d0432578e2e9f9cf3ef12e5cf343eeba4d6d8161921be

  • SSDEEP

    1536:tMCgYNtNqTDkQ1p3VGAwO8agVpMZ55qedvAODPH4TvGrEw5kzZ+Af5zN2:+Cg8QpF1wOWcDAOtEwS+AfB

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://sandwichbes.site90.com/Panel/gate.php

Attributes
  • payload_url

    http://sandwichbes.site90.com/Panel/micro.exe

Signatures

  • Pony family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 580caa5d9f91a33836d091684bbffa09JaffaCakes118
    .exe windows:4 windows x86 arch:x86

