pony | ddcf53e6a197256b95b22a1d21ef4d3f64d5ccf78cadceb6930cb1abd1cc5fe1 | Triage

Sharing

General

Target

ca235c8229cb684e2ee7a6a6bfade7fc_JaffaCakes118
Size

112KB
Sample

240830-dz8e6avbjb
MD5

ca235c8229cb684e2ee7a6a6bfade7fc
SHA1

3821a5d41e11d33094ecf1969b4a78418b9109f1
SHA256

ddcf53e6a197256b95b22a1d21ef4d3f64d5ccf78cadceb6930cb1abd1cc5fe1
SHA512

ed30ef1e75bfc6ef2e8287a40ad0c8f31b90df0eb957fd8743426dd8727e91ed1985ea1ace3d3545c552afada70674569749b12c005cf8b6b0b6365411448c7b
SSDEEP

1536:GrRMnSncgyGqTDRXmGcwSCfZDalZNg9tvo0iO3AX4ApTvMEIgnkzZtW7Cb:GroSnMuGc/CfZDap6COU45EIPtW7Cb

Score

10^/10

pony discovery upx

Malware Config

Extracted

Family

pony

C2

http://dhakayterayc.com/baba/panel/gate.php

Attributes

payload_url
http://dhakayterayc.com/baba/panel/shit.exe

Targets

- Target
  
  ca235c8229cb684e2ee7a6a6bfade7fc_JaffaCakes118
- Size
  
  112KB
- MD5
  
  ca235c8229cb684e2ee7a6a6bfade7fc
- SHA1
  
  3821a5d41e11d33094ecf1969b4a78418b9109f1
- SHA256
  
  ddcf53e6a197256b95b22a1d21ef4d3f64d5ccf78cadceb6930cb1abd1cc5fe1
- SHA512
  
  ed30ef1e75bfc6ef2e8287a40ad0c8f31b90df0eb957fd8743426dd8727e91ed1985ea1ace3d3545c552afada70674569749b12c005cf8b6b0b6365411448c7b
- SSDEEP
  
  1536:GrRMnSncgyGqTDRXmGcwSCfZDalZNg9tvo0iO3AX4ApTvMEIgnkzZtW7Cb:GroSnMuGc/CfZDap6COU45EIPtW7Cb
Score

7^/10

upx discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2