General
-
Target
2416-2-0x0000000000400000-0x0000000000419000-memory.dmp
-
Size
100KB
-
MD5
e7c82cbaa89288ca594cdc0d1deb6182
-
SHA1
185fe0c7451d8ec5afb0fb542dc692fc259b0ab9
-
SHA256
8a738e60856a3ef0e5017b5fbc01759fc84d1c45bdac6483130cb6c92edaa24f
-
SHA512
681120ccfd1f22acf044b23374d0b30e78c3b89a4b88248dedf0e465e57efada271065a7a1cdda98c6264f93f36d720c2f69c6d56d568a86b91e26a9c7111bf2
-
SSDEEP
1536:IVmk0VeqTH+0UoO230L+WZSkdAfupJYOiOxQFm0rwZTvUExIZrRkzZHJMR:mmXG+WZ1dO9OxgExIZrak
Score
10/10
Malware Config
Extracted
Family
pony
C2
http://209.59.216.75/pony/gate.php
http://66.175.212.25/pony/gate.php
Attributes
-
payload_url
http://udveksling.cadesignform.dk/exFX.exe
http://maltepehem.gov.tr/Nnc1sY.exe
http://asaptax.com/xKkq.exe
Signatures
-
Pony family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2416-2-0x0000000000400000-0x0000000000419000-memory.dmp
Headers
Sections