pony | d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b | Triage

Submit
Reports

Overview

overview

Static

static

8

d0b6573a02...3b.exe

windows7_x64

d0b6573a02...3b.exe

windows10_x64

Sharing

General

Target

d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b
Size

105KB
Sample

201110-f8ynx18hfa
MD5

807e6774adf4407a46df7747058a880c
SHA1

80a7a31cac60601b082e2535563d06b1e9505d94
SHA256

d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b
SHA512

c5d0cd3c100fc1865217120c4c77755a2e86e832300cf80c160699e327c25b0e724b8a65e644dc935d17665a8f7525beb31e836352c5a679af53a661633339e8

Score

10^/10

pony discovery rat spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b.exe

Resource

win7v20201028

pony discovery rat spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b.exe

Resource

win10v20201028

pony discovery rat spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b
- Size
  
  105KB
- MD5
  
  807e6774adf4407a46df7747058a880c
- SHA1
  
  80a7a31cac60601b082e2535563d06b1e9505d94
- SHA256
  
  d0b6573a025d5d79dd2a5f627702b12f36b87a95c156be1826bb552a27c9003b
- SHA512
  
  c5d0cd3c100fc1865217120c4c77755a2e86e832300cf80c160699e327c25b0e724b8a65e644dc935d17665a8f7525beb31e836352c5a679af53a661633339e8
Score

10^/10

pony discovery rat spyware stealer
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ponydiscoveryratspywarestealer

behavioral2

ponydiscoveryratspywarestealer

© 2018-2024

Terms | Privacy