Pony_Stealer_03-09-2019

1. #Pony #fareit #Infstealer #Trojan
2. ----------------------------------------
3. 03-09-2019
4. ----------------------------------------
5. Main object- "2598455a3dc8ff8282adc081f87bceddb101281d168ebaee98bce784c21e6e40.bin.gz"
6. sha256 df7c99ca37a1e404ad87a9cf36b6ca0308e3f3834915c88f0957ec907ed2680d
7. sha1 ac6f6fcf6d15f740c191d73ab3ae8063d5cc0ff0
8. md5 99ba43cd5810821516af9a608d7478ef
9. Dropped executable file
10. sha256 C:\Users\admin\Desktop\2598455a3dc8ff8282adc081f87bceddb101281d168ebaee98bce784c21e6e40.bin 2598455a3dc8ff8282adc081f87bceddb101281d168ebaee98bce784c21e6e40
11. DNS requests
12. domain blockchain.info
13. domain api.blockcypher.com
14. Connections
15. ip 104.16.55.3
16. ip 54.209.25.54
17. ip 195.123.227.99
18. HTTP/HTTPS requests
19. url http://195.123.227.99/index.php?id=0&un=61646d696e&cn=555345522d5043&p=433a5c55736572735c61646d696e5c4465736b746f705c323539383435356133646338666638323832616463303831663837626365646462313031323831643136386562616565393862636537383463323165366534302e657865
20. url http://195.123.227.99/g_38472341.php