pony | cc62022d24c59607f4e9cc6d1f22fa247617a9b191de2397ded7f2155c273f7e | Triage

Sharing

General

Target

ec26d06808b44a7314d59ceeccc0ad76_JaffaCakes118
Size

216KB
Sample

240919-zeczeayhqh
MD5

ec26d06808b44a7314d59ceeccc0ad76
SHA1

9a8a2c138834f2c487704b187c751d6dcfa7db29
SHA256

cc62022d24c59607f4e9cc6d1f22fa247617a9b191de2397ded7f2155c273f7e
SHA512

ebcf9330174a664f9a1544d77b5530c13d4bef90cbed6a52887b0494cbede3325b9bbea4252be2216a36e55d42dd9658d77ba2b69a85456971a4134d0ff75076
SSDEEP

3072:xURig3D6G8BNd8JRvtpGdKApSX2uWKppGjswSnMuGc/CfZDap6COU45EIPtm+:83qVIGdKApSX2uNj1wSnMuGc2EjObm

Score

10^/10

pony discovery

Malware Config

Extracted

Family

pony

C2

http://mitsumidistrlbution.com/maroke1/gate.php

Attributes

payload_url
http://mitsumidistrlbution.com/shit.exe

Targets

- Target
  
  ec26d06808b44a7314d59ceeccc0ad76_JaffaCakes118
- Size
  
  216KB
- MD5
  
  ec26d06808b44a7314d59ceeccc0ad76
- SHA1
  
  9a8a2c138834f2c487704b187c751d6dcfa7db29
- SHA256
  
  cc62022d24c59607f4e9cc6d1f22fa247617a9b191de2397ded7f2155c273f7e
- SHA512
  
  ebcf9330174a664f9a1544d77b5530c13d4bef90cbed6a52887b0494cbede3325b9bbea4252be2216a36e55d42dd9658d77ba2b69a85456971a4134d0ff75076
- SSDEEP
  
  3072:xURig3D6G8BNd8JRvtpGdKApSX2uWKppGjswSnMuGc/CfZDap6COU45EIPtm+:83qVIGdKApSX2uNj1wSnMuGc2EjObm
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2