General

  • Target

    933b7fa4240c1071ea0568521494ae82_JaffaCakes118

  • Size

    89KB

  • MD5

    933b7fa4240c1071ea0568521494ae82

  • SHA1

    4b5fe55fc07f9123184d87d5bc0cfa869fe311b7

  • SHA256

    c1fa9fd52e15aef776c3157d8a55146fb4e5fd2c20895e7348801594f8ae0570

  • SHA512

    de64f56bfc478b1b0ef8e2f6c6d70d3d11d00ee57ea0b5eb2a95be5a7eb0fd670e77a067ea6348aae7e1253df9c19b097657d11a20d58a63f46145c9469d417a

  • SSDEEP

    1536:PD30/SuqTo/RidCtWMB94XGpu05gstdUOc8WpTvxEghSkzZ5:L3JFCtDBqXid56OcDEgf5

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://stareanatiunii.com:8080/pony/gate.php

http://173.83.251.73:8080/pony/gate.php

Attributes
  • payload_url

    http://evita0466avr.com/AdNPN2oL/fn729dhP.exe

    http://hosting4446350.az.pl/t3Dt4hQH/JuavA.exe

    http://ssquarehospitality.com/to04gp5h/ewR7.exe

Signatures

  • Pony family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 933b7fa4240c1071ea0568521494ae82_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    2c8567c932832b8c3359ddf9343a4028

