MiPony.exe

Mipony

www.mipony.net

Publisher:
www.mipony.net

Product:
Mipony

Version:
2.1.1.0

MD5:
1b4b3687b5e0b9f59b4703a7f4c297f4

SHA-1:
84af902cd212609ae439e4f388b1a7eee9fb3bf2

SHA-256:
160bc3b9f14ee04d1f456badbdf181d747e89b73a81a3a4ef8faef1ebecb9294

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is most likely a false positive detection; the file is probably clean.

Analysis date:
11/5/2024 2:30:21 AM UTC  (today)

Scan engine:
Trend Micro House Call

Detection:
TROJ_GEN.F47V1214

Engine version:
7.2.353

File size:
12.5 MB (13,107,200 bytes)

Product version:
2.1.1.0

Original file name:
MiPony.exe

File type:
Executable application (Win32 EXE)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\mipony.exe

File PE Metadata
Compilation timestamp:
12/14/2013 12:05:39 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
196608:6jPNDtMKbIlLnChv9LqLwZ3gDSABLsm1vD11d1Ol1fM0bhD1ONGP:4DbINe9VQD+s+

Entry address:
0x13A7

Entry point:
6A, 00, 6A, 01, 6A, 00, E8, 63, A0, 00, 00, 85, C0, 75, 08, 6A, FE, FF, 15, FC, 70, 21, 66, E8, B7, FC, FF, FF, 50, E8, 78, FC, FF, FF, CC, B8, AB, 5E, 21, 66, E8, 64, A4, 00, 00, 81, EC, B4, 00, 00, 00, 83, 65, F0, 00, 56, 57, 8B, F9, 8D, 8D, 40, FF, FF, FF, E8, 73, 19, 00, 00, FF, 75, 10, 33, F6, FF, 75, 0C, 46, 57, 8B, C8, 89, 75, FC, E8, 4F, 20, 00, 00, 8B, 4D, 08, 50, E8, A6, 20, 00, 00, 8D, 8D, 40, FF, FF, FF, 89, 75, F0, C6, 45, FC, 00, E8, 44, 1E, 00, 00, 8B, 4D, F4, 8B, 45, 08, 5F, 5E, 64, 89, 0D...
 

Code size:
85.5 KB (87,552 bytes)

The executing file has been seen to make the following network communications in live environments.

TCP (HTTP):
Connects to v-2-eu22-d951-46.webazilla.com  (78.140.143.46:80)

TCP (HTTP):
Connects to v-2-do13-d1175-109.webazilla.com  (78.140.150.109:80)

TCP:
Connects to hosted-by.leaseweb.com  (83.149.126.134:9009)

TCP (HTTP):
Connects to ec2-23-23-135-213.compute-1.amazonaws.com  (23.23.135.213:80)

Scan MiPony.exe - Powered by Reason Core Security