General

  • Target

    fc0a93f6f2482a0b4492162da29b7210_JaffaCakes118

  • Size

    88KB

  • MD5

    fc0a93f6f2482a0b4492162da29b7210

  • SHA1

    39348f15311a419b88fa42b3cf285e91ca258d59

  • SHA256

    83c52584a7f96820135388686852211ea53fc1c01ae7a48b47ba5ca663a75d8b

  • SHA512

    c59d31bcfb05a72455a1d7841f273afb94f754660c30644c6f9cb3e74a15381a9cce40dcaa7bd4b675883b4098dedb7a601ecb7cfd902cf36369f8454fbbffb2

  • SSDEEP

    1536:x3V3e8KytqTZkYu5SCvaDBzgM+5zu9kS24zxAkOg8WTvMEIDkzZ3:9dOy+ubiDBzv+1H4OgYEIs3

Score
10/10

Malware Config

Extracted

Family

pony

C2


Signatures

  • Pony family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fc0a93f6f2482a0b4492162da29b7210_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    728afd0aeb7539a2a721ececf5f36865

