home

poney.exe

This is a setup program which is used to install the application. The file has been seen being downloaded from download1419.mediafire.com and multiple other hosts.
MD5:
220541c477de789a7ddc339f329f107d

SHA-1:
84b18e0cd3b5449761e60f10f23ae4d69cc26433

SHA-256:
6b0f3ef129deb212b873bd4cc5670b7c0092e6885438954ac2888ecc190c3fdd

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
11/30/2024 10:17:53 AM UTC  (today)

File size:
1.7 KB (1,746 bytes)

File type:
Executable application (Win16 EXE)

Common path:
C:\users\{user}\downloads\poney.exe

File PE Metadata
Compilation timestamp:
1/28/2072 5:51:12 PM

OS bitness:
Win16

Linker version:
0.184

CTPH (ssdeep):
12:8e01aFE60z8tYjAssMD+HmfMF8X4hEIPQk/4Bq+sTcm+IhPV4YfF+sPvOcSuF8X5:8bmENY8AyPX4hEk/67scg9d+QOcUXDtT

Entry address:
0x6A01D0F0

Entry point:
4C, 00, 00, 00, 01, 14, 02, 00, 00, 00, 00, 00, C0, 00, 00, 00, 00, 00, 00, 46, DB, 40, 08, 00, 20, 00, 00, 00, B8, 4A, 7A, C3, 82, F0, D0, 01, B8, 4A, 7A, C3, 82, F0, D0, 01, 6A, 74, 45, C4, 82, F0, D0, 01, 88, 07, 13, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 6A, 00, 68, 00, 32, 00, 88, 07, 13, 00, 30, 47, D6, 6A, 20, 00, 4D, 69, 6E, 65, 63, 72, 61, 66, 74, 2E, 65, 78, 65, 00, 4C, 00, 09, 00, 04, 00, EF, BE, 30, 47, D5, 6A, 30, 47, D5, 6A, 2E, 00, 00, 00, 38, E5...
 
[+]

The file poney.exe has been seen being distributed by the following 2 URLs.

http://download1419.mediafire.com/4113dohupcfg/.../Poney.exe.lnk

http://download1419.mediafire.com/crp8o924j5vg/.../Poney.exe.lnk

Scan poney.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.