General

  • Target

    a8de892120aefb63dfa8397153ced3a4_JaffaCakes118

  • Size

    2.6MB

  • MD5

    a8de892120aefb63dfa8397153ced3a4

  • SHA1

    5899b68ca3c1fd688df616dd6865bdce7246b33e

  • SHA256

    bc2c2ea3f343a0468e0ad08a17b046d8c9bee58f04b0bbdc80a803ecb1cc8312

  • SHA512

    b2156d351fb6406d4b858055ac30175dc4259fb1d74e9dabbd5b71c4a230a942b8815270bbc0220c55f29285d7ec1ca79294610ba7b493f9b465a4b1ebd2dce2

  • SSDEEP

    49152:8coQxSBeKeiOSiFmoJggggLo40KDi3gp0XhCjyrlD:86SIROiFJiwp0xlrlD

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a8de892120aefb63dfa8397153ced3a4_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

