MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 77ee5ac4528a19725db43bba1691c40ff820e2212f0f8d27f184e172a2464f0f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Pony


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 77ee5ac4528a19725db43bba1691c40ff820e2212f0f8d27f184e172a2464f0f
SHA3-384 hash: c4e8c47860aaeff37b9dee51c094948928d3a6b72b70e45f913a3f7edb39444ba4ee8451bc0ea1e16abe22cc903ffab8
SHA1 hash: 157f75a66cca2339ca71206a2fa7a1bcf0cc92f2
MD5 hash: b6acb0483f23a729186c1b3b6014fec3
humanhash: purple-ceiling-monkey-fanta
File name:Scan0113160.pdf.bat.exe
Download: download sample
Signature Pony
Create hunting rule
File size:573'440 bytes
First seen:2020-04-30 07:34:49 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash e0b9aa9dcf31c3c76bb65dd533570ac9 (1 x Pony)
ssdeep 12288:TAyn0S9QxX7NPBLnuCRdgH2UhEP/kXQwE7MtwFk4cjdk3cT:T3B9QxXHLWFR
Threatray 785 similar samples on MalwareBazaar
TLSH ADC44A6611AA3EF6DB44D3F56458E127CB9C305E7FB12272BE0E49076C2FC998A73904
Reporter jarumlus
Tags:Pony

Intelligence

File Origin
# of uploads :
1
# of downloads :
96
Origin country :
n/a
Vendor Threat Intelligence

File information

The table below shows additional information about this malware sample such as delivery method and external references.

BLint

The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.

Findings
IDTitleSeverity
CHECK_AUTHENTICODEMissing Authenticodehigh
CHECK_NXMissing Non-Executable Memory Protectioncritical
CHECK_PIEMissing Position-Independent Executable (PIE) Protectionhigh
Reviews
IDCapabilitiesEvidence
VB_APILegacy Visual Basic API usedMSVBVM60.DLL::EVENT_SINK_AddRef

Comments