Malvertisement with an encrypted/passworded zip archive as attachment. VirusTotal was making limited behavior analysis on the sample, so I decided to check it myself. I renamed the malicious attachment with the filename sample2.exe and ran it. As seen in the decrypted binary code, it connected to the below Pony gateways: It is a Pony trojan, a credential stealer & downloader. It downloaded other malware from the below URL set (gotta hack the bins to know these too)
Source: https://blog.malwaremustdie.org/2013/06/case-of-pony-downloaded-zeus-via.html