General

  • Target

    a64e7e662cc4ba68971e60829d27f0d8_JaffaCakes118

  • Size

    94KB

  • MD5

    a64e7e662cc4ba68971e60829d27f0d8

  • SHA1

    85004c77f6f931ab2a10b0ac8b0a55654ae6e227

  • SHA256

    fca6a8b8610af4ee0b323960e0f9eee05cc65f58c1a84e3f8ec3c007b811fa4f

  • SHA512

    1faa78b29679526e0d71549c9cd4f812c018e4f4ee3318bc9d920c619a80e86ed0813e80a41d907ac003c8fcf67b3bc132b946d2f59d1d043a82d9659ba5cec8

  • SSDEEP

    1536:7MZaVpSrKqTizpjDeOIx/OH5O1HDw+3V1Fffl9Oo0YW+lLqQXS1TvZAEM80U/etZ:QA3S2AO2mHNi9OjYW8qm2A/tU/eX

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://whizzpackage.com/dp/adm/adm1/gate.php

Attributes
  • payload_url

    http://whizzpackage.com/dp/adm/adm1/wotbrut.exe

Signatures

  • Pony family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a64e7e662cc4ba68971e60829d27f0d8_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

