pony | ef1a0ccdceaead799ffb341531101a03ba5062233c8ff52b0fff1036f7a004ad | Triage

Sharing

General

Target

ef1a0ccdceaead799ffb341531101a03ba5062233c8ff52b0fff1036f7a004adN
Size

216KB
Sample

240917-eacsmataqm
MD5

e107fa1a00b0f872d6f4e000a2383420
SHA1

196363c7a510cca1efb28fcb3092037fa405b130
SHA256

ef1a0ccdceaead799ffb341531101a03ba5062233c8ff52b0fff1036f7a004ad
SHA512

ad780867d7e0fd1063e4266c811cb81f5e051cbb2c43b34d7c81eb7f6f3c03f4c029f2b1195fd7b8ea34b32cf9787a79abd9c089f8df741834f3c6b46d86e210
SSDEEP

6144:nmBYDhkp7YrDyg6iJ369SnMuGc2EjOIm:sYrDp6iLGc2kO

Score

10^/10

pony discovery

Malware Config

Extracted

Family

pony

C2

http://mitsumidistrlbution.com/nonso/gate.php

Attributes

payload_url
http://mitsumidistrlbution.com/shit.exe

Targets

- Target
  
  ef1a0ccdceaead799ffb341531101a03ba5062233c8ff52b0fff1036f7a004adN
- Size
  
  216KB
- MD5
  
  e107fa1a00b0f872d6f4e000a2383420
- SHA1
  
  196363c7a510cca1efb28fcb3092037fa405b130
- SHA256
  
  ef1a0ccdceaead799ffb341531101a03ba5062233c8ff52b0fff1036f7a004ad
- SHA512
  
  ad780867d7e0fd1063e4266c811cb81f5e051cbb2c43b34d7c81eb7f6f3c03f4c029f2b1195fd7b8ea34b32cf9787a79abd9c089f8df741834f3c6b46d86e210
- SSDEEP
  
  6144:nmBYDhkp7YrDyg6iJ369SnMuGc2EjOIm:sYrDp6iLGc2kO
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2