General
-
Target
1092-56-0x0000000000400000-0x0000000000424000-memory.dmp
-
Size
144KB
-
MD5
bffaa64e9a3089e163ef1d1f172c1bb9
-
SHA1
0d590c363ad13b49e757ee6b1a58aabd43d370e1
-
SHA256
4e24177bec9f6ce9f3d51332cad2ea73e47721b70ae470f4d02a29c836341700
-
SHA512
a0d400f039b5b31a3452f2cf81323806daf5cb5bf5b56dd0c8f9dd37a64283490c9c13215a62493e52fbbe845f90ee32e1a0daa6e22517cd84dbf2d720b10b05
-
SSDEEP
3072:LDEkCod1ZMsH8OSMVPO6mqGg9Zysoutyk:LDEIXMnOSMVPlTrvoS
Score
10/10
Malware Config
Extracted
Family
pony
C2
http://85.192.165.229:10015/gate.php
http://176.96.187.114:10015/gate.php
http://176.96.187.116:10015/gate.php
http://80.254.98.212:10015/gate.php
http://5.144.66.227:10015/gate.php
Signatures
-
Pony family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
1092-56-0x0000000000400000-0x0000000000424000-memory.dmp
Headers
Sections