General

  • Target

    a14be8961760dcfdc47276db790f43d1_JaffaCakes118

  • Size

    2.6MB

  • MD5

    a14be8961760dcfdc47276db790f43d1

  • SHA1

    c4245bc518c13ea04c536c5a9a8bb40d29aaea62

  • SHA256

    d067cec6c48d4f5f67e3ca19dbc3028cee37be69d65b075b38b9b4e9ee3aeb49

  • SHA512

    bb4e6247f2ed5b082b5837aa91651c92e8130972956c30bc0989c2cc7d22f4fcd97e19f04db8c528655d0a68166cf1d75828d52039d2788698b320f4db3b63c4

  • SSDEEP

    49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrld:86SIROiFJiwp0xlrld

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a14be8961760dcfdc47276db790f43d1_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

