pony | 8994d3afef6a8d810d891e42231b7fb1f5625c7ad6bfb1794052fca73e68f244 | Triage

Sharing

General

Target

1872-63-0x0000000000400000-0x00000000004D7000-memory.dmp
Size

860KB
Sample

230507-qdfjgaeg22
MD5

eb8ff0fb845fce5b55e77bc9de0631dc
SHA1

567ce699cf523fc61ee71a2e1eb3ed5b303cb744
SHA256

8994d3afef6a8d810d891e42231b7fb1f5625c7ad6bfb1794052fca73e68f244
SHA512

9ade3362a8d396ad0d83b18b400bbe1a4bc505f3d70a147d694f5a16259e6f62e046969e1e5d9b0f5b67b15127fde3fd0560fd2d1f793dfea036a522defca155
SSDEEP

1536:EMoizM4UZqTCO69Mxe/ANGvRxp1xktOej1aXYDx5ULOb4hSvvQsNkzm+U6aJ:OSBUMSxp1aRjcOb4hMhh6c

Score

10^/10

pony upx

Malware Config

Extracted

Family

pony

C2

http://sunelec-kk.com/tmp/r1.php

http://japmotors.net/tmp/r1.php

Attributes

payload_url
http://globalofficesolution.net/tmp/file1.exe
http://globalofficesolution.net/tmp/file2.exe
http://davesclassics.com.au/tmp/file1.exe
http://davesclassics.com.au/tmp/file2.exe

Targets

- Target
  
  1872-63-0x0000000000400000-0x00000000004D7000-memory.dmp
- Size
  
  860KB
- MD5
  
  eb8ff0fb845fce5b55e77bc9de0631dc
- SHA1
  
  567ce699cf523fc61ee71a2e1eb3ed5b303cb744
- SHA256
  
  8994d3afef6a8d810d891e42231b7fb1f5625c7ad6bfb1794052fca73e68f244
- SHA512
  
  9ade3362a8d396ad0d83b18b400bbe1a4bc505f3d70a147d694f5a16259e6f62e046969e1e5d9b0f5b67b15127fde3fd0560fd2d1f793dfea036a522defca155
- SSDEEP
  
  1536:EMoizM4UZqTCO69Mxe/ANGvRxp1xktOej1aXYDx5ULOb4hSvvQsNkzm+U6aJ:OSBUMSxp1aRjcOb4hMhh6c
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2