pony | 52a24d465b42683adfa19511061a7b6a3aa3ec87c375c8a710ec3983ddbe0431 | Triage

Sharing

General

Target

1.dll
Size

70KB
Sample

200713-qc9fxz97m6
MD5

beb47225071bd8762c0cb0d6e609129d
SHA1

48ca7e1d89edfb21cd2367eb9a38106c00adf7d2
SHA256

52a24d465b42683adfa19511061a7b6a3aa3ec87c375c8a710ec3983ddbe0431
SHA512

d694ef53ffee166523a749bccfc1c60b790fefe9904cfa616285932fe39e3f8d9cd9d706a85d6c2ef3922a3bf2c06e4312aab62ac50927ddc24da4750682cd53

Score

10^/10

pony discovery rat spyware stealer

Malware Config

Targets

- Target
  
  1.dll
- Size
  
  70KB
- MD5
  
  beb47225071bd8762c0cb0d6e609129d
- SHA1
  
  48ca7e1d89edfb21cd2367eb9a38106c00adf7d2
- SHA256
  
  52a24d465b42683adfa19511061a7b6a3aa3ec87c375c8a710ec3983ddbe0431
- SHA512
  
  d694ef53ffee166523a749bccfc1c60b790fefe9904cfa616285932fe39e3f8d9cd9d706a85d6c2ef3922a3bf2c06e4312aab62ac50927ddc24da4750682cd53
Score

10^/10

discovery rat spyware stealer pony
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks for installed software on the system
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryratspywarestealerpony

behavioral2

discoveryratspywarestealerpony