General

  • Target

    21a14593fe4f3466ec9840d0b0186906591bf87a9bc9fef263e71309fed0a750

  • Size

    34KB

  • MD5

    b8f01589487b8baf361b7f5e66d769a9

  • SHA1

    eb1b0dc51b09b0943bf5bfb9dd7ed2ae8dfafd4b

  • SHA256

    21a14593fe4f3466ec9840d0b0186906591bf87a9bc9fef263e71309fed0a750

  • SHA512

    9e7b52f57a82e7accb5ccbddc44264f422d9ba6acf36f67eb404632a7cda1e6f55f32c0ce2eafd18f01e21c650286064b4dd24b37aa83ac6d3c16876928d35ca

  • SSDEEP

    768:/1NAU2HFJK/ItMZalLoM2cH2LGHhQsSkfbBI:/s3fKwzLPNEGO/UbBI

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://184.105.163.235/new_advert/urwqehusd.php

Attributes
  • payload_url

    http://162.247.14.141/ff/pc.exe

    http://162.247.14.141/ff/pc2.exe

    http://162.247.14.141/ff/pc3.exe

Signatures

  • Pony family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 21a14593fe4f3466ec9840d0b0186906591bf87a9bc9fef263e71309fed0a750
    .exe windows x86

  • out.upx
    .exe windows x86