pony | 8d9ef876176aaae0e3d3bb73e83396b6174ae228e7ba4cfd83354da204bb9ec9 | Triage

Sharing

General

Target

531cf928a1113ef698f18113ea45fef2_JaffaCakes118
Size

89KB
Sample

240729-t6wypsselc
MD5

531cf928a1113ef698f18113ea45fef2
SHA1

9dcddd0372f50e527226dd2e3e3c828cdcb819e6
SHA256

8d9ef876176aaae0e3d3bb73e83396b6174ae228e7ba4cfd83354da204bb9ec9
SHA512

c49075b8121cf848a7d79e66587f21bd9431045f03d6dad0efe76aa31beb89bc39dde5968abd11b3b8775fdce5bbb5be637e32a6a7053e2c945d7d257c3f106c
SSDEEP

1536:daFcbxKqTLdgvTFcFfCOUlRgm1F4yosOZGfJKTvLETeP4kzmD:cFyTSQNUlRtOIOETePED

Score

10^/10

pony discovery

Malware Config

Extracted

Family

pony

C2

http://192.168.1.10/impact/gate.php

Targets

- Target
  
  531cf928a1113ef698f18113ea45fef2_JaffaCakes118
- Size
  
  89KB
- MD5
  
  531cf928a1113ef698f18113ea45fef2
- SHA1
  
  9dcddd0372f50e527226dd2e3e3c828cdcb819e6
- SHA256
  
  8d9ef876176aaae0e3d3bb73e83396b6174ae228e7ba4cfd83354da204bb9ec9
- SHA512
  
  c49075b8121cf848a7d79e66587f21bd9431045f03d6dad0efe76aa31beb89bc39dde5968abd11b3b8775fdce5bbb5be637e32a6a7053e2c945d7d257c3f106c
- SSDEEP
  
  1536:daFcbxKqTLdgvTFcFfCOUlRgm1F4yosOZGfJKTvLETeP4kzmD:cFyTSQNUlRtOIOETePED
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2