General
-
Target
1256-56-0x0000000000400000-0x000000000041D000-memory.dmp
-
Size
116KB
-
MD5
e66d214522d0b94d9fccf2c6c57b51d0
-
SHA1
a8af7389991d9469313ab4537775d200059d25f4
-
SHA256
58016283ada1e503e313b0dbdd81497e7751987ade11d0b0b007beda3deb2396
-
SHA512
ae3c995796fbb54b61d36894d27f0e0385eb768e042851c1ac51154dcf330cec68b37958e7f120c44cfbed79d47b0def7a5205c26ff973c4e6ce3e01a77df38f
-
SSDEEP
1536:nAsnXEvYu5iqTnWqOEuZIsYnSbn4/7SKZ6jsOOeWTvA4kzksNsJSc8Gnouy8:xXST5B+IsYS74/wsORB+sqJa2out
Score
10/10
Malware Config
Extracted
Family
pony
C2
http://seolinkmarket.com/idx.php
http://liststitch.com/link.php
http://closedir.com/hotlink/img.php
http://closedir.com/hotlink/pics.php
Signatures
-
Pony family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
1256-56-0x0000000000400000-0x000000000041D000-memory.dmp
Headers
Sections