General

  • Target

    d94e2d6dbf1f3d2ebf6f61451d065a1571382b3e1ef52dba2c56da17dd4d47cf

  • Size

    2.2MB

  • MD5

    c45a1df7b3a07cca0f94b952d2120521

  • SHA1

    b595dab0d9fc75107e7fd21c2ed9d0abedfd75c9

  • SHA256

    d94e2d6dbf1f3d2ebf6f61451d065a1571382b3e1ef52dba2c56da17dd4d47cf

  • SHA512

    5ae34cd2e167409f23ee5657f5aba821a6df9a542648abd9e544915a61d3cc35e3fbaa483a077b5a4892aab2b016aaea772d9e37d2dc62560707011ffa284e09

  • SSDEEP

    24576:0UzNkyrbtjbGixCOPKH2I1iIWILtfOIJ+HKodCHPC0cF3u7P1+eWQ8f/x52vHNZH:0UzeyQMS4DqodCnoe+iitjWwwL

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://don.service-master.eu/gate.php

Attributes
  • payload_url

    http://don.service-master.eu/shit.exe

Signatures

  • Pony family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d94e2d6dbf1f3d2ebf6f61451d065a1571382b3e1ef52dba2c56da17dd4d47cf
    .exe windows:4 windows x86 arch:x86

