General

  • Target

    a8a0a3886293e447f053b4e1d1563488_JaffaCakes118

  • Size

    2.6MB

  • MD5

    a8a0a3886293e447f053b4e1d1563488

  • SHA1

    5cb95823aeaf667b6800b5173f1e50692a3cb4ab

  • SHA256

    2c785f0b9331218400348f9a47e7739d8894aa4fc71450b4ee330141c7d413e1

  • SHA512

    dadd81a2b2d1fafa16b1fb94d9d82c3c1fad9923073a475a80267a1752ae1511d39153d59bbc7c8930873c484b77b232432c28b1c295b43d0eefda1b06b907dd

  • SSDEEP

    49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrlQ:86SIROiFJiwp0xlrlQ

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a8a0a3886293e447f053b4e1d1563488_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

