General

  • Target

    2572-65-0x0000000000400000-0x000000000041B000-memory.dmp

  • Size

    108KB

  • MD5

    3c8f4d1ddfff79ab2cea6693905d1e05

  • SHA1

    ae43195b072aa79c4572aaa99324fe91ea9be625

  • SHA256

    62ac5a1578ad2e7def1a4afea7f24b6f7c0c817a37992b65aaf4c3a03afdb988

  • SHA512

    3ef108d060343b13d852b8be1df07764cd03181e931a0f535ffe958cb58d5fc3b5ee8335003424092cba0f248b79565dfee392b89c6444d4964fafc9fd689cfa

  • SSDEEP

    1536:c/nzp0YL6qTSC9UGBzmJr4A4ZrqYBmAE4KA9JOnJOBfTvtkzbk1S8/b:uz6aIImJRbOB6kt/b

Score
10/10

Malware Config

Extracted

Family

pony

C2

http://co36686.twsite.de/chisom/gate.php

Signatures

  • Pony family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2572-65-0x0000000000400000-0x000000000041B000-memory.dmp
    .exe windows:4 windows x86
    Headers

    Sections