General
-
Target
ac057415176eba825f5b6f380714affe_JaffaCakes118
-
Size
121KB
-
MD5
ac057415176eba825f5b6f380714affe
-
SHA1
d37b82494de7837f4c6e666c8282411b8899cf11
-
SHA256
423e792fcd00265960877482e8148a0d49f0898f4bbc190894721fde22638567
-
SHA512
840c6b6d6f5b92a534ce40d37749408b7858488a42ea7e6982560fe3078aa0f3e16e16412a5b1a0b3c2c0d8807adcaa732fc5b854a506a41e57e9573f7bc5a27
-
SSDEEP
1536:XC3OmA4IqTaw/CvbX1YRd3eBa+CJoOeMOTvGkzbkvbJ/F0xFB6nouy8jT:y+/4YL1YDCOdwWl/F0zEoutH
Score
10/10
Malware Config
Extracted
Family
pony
C2
http://hachazamut.net16.net/gate.php
Attributes
-
payload_url
http://hachazamut.net16.net/Pony.exe
http://hachazamut.net16.net/KJ-w0rm.exe
http://hachazamut.net16.net/rat.exe
http://hachazamut.net16.net/Stealer.exe
Signatures
-
Pony family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
ac057415176eba825f5b6f380714affe_JaffaCakes118
Headers
Sections