pony | a11868547992649e227273a1106a3da835fb99f19e75d1572c466615f9504ac5 | Triage

Sharing

General

Target

5828cea9f614955c2cb71a73ef9c2629JaffaCakes118_NeikiAnalytics
Size

216KB
Sample

240529-2cfcvsda67
MD5

5828cea9f614955c2cb71a73ef9c2629
SHA1

04cee649384b24467e09ffa81574abe246f27fab
SHA256

a11868547992649e227273a1106a3da835fb99f19e75d1572c466615f9504ac5
SHA512

962cd19241b61842dad7ea6c879130904a4b8cdc542bfdff4ea5c6f2704325caafd487eb74482ef13b764d3be61fe998dc15c265350b168e9038a33ccb702f09
SSDEEP

6144:ZAzTxSV9KlLb4EexbojXcWQFq6SnMuGc2EjOnm:WKmQEexbozcWVGc2kO

Score

10^/10

pony microsoft phishing

Malware Config

Extracted

Family

pony

C2

http://co58724.tmweb.ru/fav/gate.php

Targets

- Target
  
  5828cea9f614955c2cb71a73ef9c2629JaffaCakes118_NeikiAnalytics
- Size
  
  216KB
- MD5
  
  5828cea9f614955c2cb71a73ef9c2629
- SHA1
  
  04cee649384b24467e09ffa81574abe246f27fab
- SHA256
  
  a11868547992649e227273a1106a3da835fb99f19e75d1572c466615f9504ac5
- SHA512
  
  962cd19241b61842dad7ea6c879130904a4b8cdc542bfdff4ea5c6f2704325caafd487eb74482ef13b764d3be61fe998dc15c265350b168e9038a33ccb702f09
- SSDEEP
  
  6144:ZAzTxSV9KlLb4EexbojXcWQFq6SnMuGc2EjOnm:WKmQEexbozcWVGc2kO
Score

5^/10

microsoft phishing
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

microsoftphishing