Overview

overview

10

Static

static

10

1160-56-0x...ry.exe

windows7-x64

1

1160-56-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1160-56-0x0000000000400000-0x0000000000421000-memory.dmp

  • Size

    132KB

  • MD5

    3f18c365609aa80b2e41cf44e5e293c8

  • SHA1

    ab68de592013b05331a69561cae954921336c958

  • SHA256

    82c5a25c26e89b854ede697a8f713be44ad26e0438e27afdbd5ef9859b69e7dc

  • SHA512

    855e4e8ef13a0bd7130d1d8c7bb0b2c5467c0f6014bd39acbd436d4e8bef983a935d48a8abc1841194f5f2d748bbfab256e1017cdb630c269721eb65f09afd6c

  • SSDEEP

    3072:tAgqhHNBVOuzdQV/syMU6OhOqsYWWZYWmwdaX82X45iAKMaEUSDslGz0:tAguBVOAO/syMU6O0VYLOM

Score
10/10
pony

Malware Config

Extracted

Family

pony

C2

http://wilcarobbe.com/zapoy/gate.php

http://littjohnwilhap.ru/zapoy/gate.php

http://ritsoperrol.ru/zapoy/gate.php
Attributes
  • payload_url

    http://one2shoppee.com/system/logs/xtool.exe

    http://insta.reduct.ru/system/logs/xtool.exe

    http://editprod.waterfilter.in.ua/system/logs/xtool.exe

Signatures

Files

  • 1160-56-0x0000000000400000-0x0000000000421000-memory.dmp
    .exe windows x86


    Headers

    Sections