General

  • Target

    1132-55-0x0000000000400000-0x0000000000421000-memory.dmp

  • Size

    132KB

  • MD5

    8b7fb3a1ecb105811620a5c655d7a546

  • SHA1

    97c6a0e6282b65e82ab8cedfc391cc7b36e998ce

  • SHA256

    2056afea61ffe266139f8b2391866246f7548195876a3108984e8e57700f2b2c

  • SHA512

    83b6902b10dee65598b01de0571e90f588275be8c5148b1d61ca1c25e5669cc676b84cc46378e859d6421ab4c69c3580247ca57cc21d574ed1f10aa479b1fa70

  • SSDEEP

    3072:Xmt4ld1ap9RPQf3DIOvb//H9u35Gy8Vij:XmtuWvQf3kOvj/H9M59z

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://kidswalla.com/ponyb/gate.php

http://kitchenwalla.com/ponyb/gate.php

http://london-leather.com/ponyb/gate.php

http://londonleatheronline.com/ponyb/gate.php

Attributes
  • payload_url

    http://www.rachelcondry.com/nLiZVHtr.exe

    http://amlleisure.co.uk/Jorq.exe

    http://rockmerchandising.com/MqTRi.exe

    http://preview.vibration-trainers.com/VrZ5.exe

Signatures

Files

  • 1132-55-0x0000000000400000-0x0000000000421000-memory.dmp
    .exe windows x86
