Overview

overview

10

Static

static

3

6f12507293...18.exe

windows7-x64

10

6f12507293...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6f1250729306470b8b2afa86892663a7_JaffaCakes118

  • Size

    114KB

  • Sample

    240730-cq8h5axblc

  • MD5

    6f1250729306470b8b2afa86892663a7

  • SHA1

    83d9f0b3c668a7a92f0ac86e1935df15eae311a7

  • SHA256

    68e9d231bb23d517045c09ccbeea4bd424e0e150188969f72a624f50ffe2dea8

  • SHA512

    3a0c6086874475b38e11805aab1c300a6e98e33014259f5397ff6585675e406658e52e77991b82aea863b1114bf0eedb5233a2e7ffd6bb86d2d87e7129171341

  • SSDEEP

    3072:/XAtWYKBlVXnGseFwyb5Mwlg66moVqxOsd2gW9:fAoYKXVXL8wyb2E1Osd2g

Score
10/10
ponydiscoveryratspywarestealer

Malware Config

Extracted

Family

pony

C2

http://etsiunjour.fr:81/pony/gate.php

http://69.194.194.238/pony/gate.php
Attributes
  • payload_url

    http://www.nipbr.com/Macs.exe

    http://propasmanagement.com/qTNc.exe

    http://ajc.com.pk/LnL.exe

Targets

    • Target

      6f1250729306470b8b2afa86892663a7_JaffaCakes118

    • Size

      114KB

    • MD5

      6f1250729306470b8b2afa86892663a7

    • SHA1

      83d9f0b3c668a7a92f0ac86e1935df15eae311a7

    • SHA256

      68e9d231bb23d517045c09ccbeea4bd424e0e150188969f72a624f50ffe2dea8

    • SHA512

      3a0c6086874475b38e11805aab1c300a6e98e33014259f5397ff6585675e406658e52e77991b82aea863b1114bf0eedb5233a2e7ffd6bb86d2d87e7129171341

    • SSDEEP

      3072:/XAtWYKBlVXnGseFwyb5Mwlg66moVqxOsd2gW9:fAoYKXVXL8wyb2E1Osd2g

    Score
    10/10
    ponydiscoveryratspywarestealer
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks