pony | eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca | Triage

Submit
Reports

Overview

overview

Static

static

eda6bc2779...ca.exe

windows7_x64

eda6bc2779...ca.exe

windows10_x64

Sharing

General

Target

eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca.exe
Size

1.1MB
Sample

200709-45s43prrze
MD5

b70279fc1c857dc76a50f77a46460657
SHA1

fbcabd564c13287b0a0d42026c77006f0c6e7983
SHA256

eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca
SHA512

424726d9175411466cb5fb0d99ecb843fb9609506b88e708c13717d5b47921485c370324b08f3f5379b6e7b2266ae30e45f49a6030ad2409446ec971ddbd761f

Score

10^/10

pony discovery rat spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca.exe

Resource

win7

discovery rat spyware stealer pony

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca.exe

Resource

win10

spyware discovery rat stealer pony

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca.exe
- Size
  
  1.1MB
- MD5
  
  b70279fc1c857dc76a50f77a46460657
- SHA1
  
  fbcabd564c13287b0a0d42026c77006f0c6e7983
- SHA256
  
  eda6bc27798b7230d63cae9225c466b67b05e788b315e4dc443c43cf1baabfca
- SHA512
  
  424726d9175411466cb5fb0d99ecb843fb9609506b88e708c13717d5b47921485c370324b08f3f5379b6e7b2266ae30e45f49a6030ad2409446ec971ddbd761f
Score

10^/10

discovery rat spyware stealer pony
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Accesses cryptocurrency wallets, possible credential harvesting
  spyware
- Checks for installed software on the system
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Remote System Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryratspywarestealerpony

behavioral2

spywarediscoveryratstealerpony

© 2018-2024

Terms | Privacy