pony | 2b929dda0fa95fe8a9162f69b47d10a35174e69f9ca717dc9b1e036f67dc5852 | Triage

Sharing

General

Target

7902c3995bfe33efd4e2c2af31145c7d_JaffaCakes118
Size

89KB
Sample

240727-wb3h4svaje
MD5

7902c3995bfe33efd4e2c2af31145c7d
SHA1

b5a87cc1c4efec820a088d9e970be75dc37c85b6
SHA256

2b929dda0fa95fe8a9162f69b47d10a35174e69f9ca717dc9b1e036f67dc5852
SHA512

f62a96063a0098e9100689cd893e3378c186870aa3ed064f4e25c40af626563bff11b88ee7a66bd31d4a0589b931829fbf45ba1c605508035cfc4f12e2640109
SSDEEP

1536:haFcbxKqTLdgvTFcFfCOUlRgm1F4yosOZGfJKTvLETeP4kzmD:gFyTSQNUlRtOIOETePED

Score

10^/10

pony discovery

Malware Config

Extracted

Family

pony

C2

http://192.168.1.10/impact/gate.php

Targets

- Target
  
  7902c3995bfe33efd4e2c2af31145c7d_JaffaCakes118
- Size
  
  89KB
- MD5
  
  7902c3995bfe33efd4e2c2af31145c7d
- SHA1
  
  b5a87cc1c4efec820a088d9e970be75dc37c85b6
- SHA256
  
  2b929dda0fa95fe8a9162f69b47d10a35174e69f9ca717dc9b1e036f67dc5852
- SHA512
  
  f62a96063a0098e9100689cd893e3378c186870aa3ed064f4e25c40af626563bff11b88ee7a66bd31d4a0589b931829fbf45ba1c605508035cfc4f12e2640109
- SSDEEP
  
  1536:haFcbxKqTLdgvTFcFfCOUlRgm1F4yosOZGfJKTvLETeP4kzmD:gFyTSQNUlRtOIOETePED
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2