General

  • Target

    abb8095c40c1a04b867673242262dbb2_JaffaCakes118

  • Size

    2.6MB

  • MD5

    abb8095c40c1a04b867673242262dbb2

  • SHA1

    46fb1e602e0d99039488bb04cc4c9b637965f9b1

  • SHA256

    54815bd48c0c7a8c6a608482657ecac66bf3a1a63d61054bc50fc5315530aa70

  • SHA512

    b5bedc018c46fd901dace73258e43a08787ecca4c5054b4d1075aa418dca675292a19a88c42359f41e50c722796da338aa201739e349c88d2873e75ef8203221

  • SSDEEP

    49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrls:86SIROiFJiwp0xlrls

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • abb8095c40c1a04b867673242262dbb2_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

