General

  • Target

    a05e385f2439f2dd910cc4493e49287d_JaffaCakes118

  • Size

    2.6MB

  • MD5

    a05e385f2439f2dd910cc4493e49287d

  • SHA1

    76e6a1c16044051e9375205efb8f77bc78f77e95

  • SHA256

    af7adc4ebe323d9f6b7356afad08d523b363bd240800b0a125d99be49826df16

  • SHA512

    050cf055d3a62336c81c2844457486569de3e0bc3c0d87156a764a90463cc184b781bcebdbebf846089c6ebb890bf097ef44ce316dfc0d87ab0e2b43a4709a30

  • SSDEEP

    49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrlC:86SIROiFJiwp0xlrlC

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoCs)

    Checks for missing Authenticode signature.

Files

  • a05e385f2439f2dd910cc4493e49287d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

