General
-
Target
1160-60-0x0000000000400000-0x0000000000417000-memory.dmp
-
Size
92KB
-
Sample
230505-278mwsfa76
-
MD5
3074f0d2ccaa38213f042dc70ae62021
-
SHA1
5aa05c93c840fabb1764f16b748af173adffad82
-
SHA256
fa43bb565f7bf7da20218821667bb9c0557c245ff0013baee88624108ed1f2e6
-
SHA512
3ac07bd234f7c2e3865df7d4439f6bf23603790b521f070d0c33caf31bb732b615fa00d4b8c4fe890239d2244f2a6ca97feb79702a2adc61741959678c146a3f
-
SSDEEP
1536:UShnezVqTEeyNZK3QevQVk3PKd/koahTvAEgJkZhk:UwQdKAe+k3PKvEgShk
Behavioral task
behavioral1
Sample
1160-60-0x0000000000400000-0x0000000000417000-memory.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1160-60-0x0000000000400000-0x0000000000417000-memory.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
pony
http://98.158.129.17:8080/pony/gate.php
http://50.116.9.68/pony/gate.php
-
payload_url
http://www.longingtech.com/14jJyU.exe
http://ghanaleakplus.com/KVvCk7B.exe
http://arvina.cz/PpBCye.exe
Targets
-
-
Target
1160-60-0x0000000000400000-0x0000000000417000-memory.dmp
-
Score
3/10