General
-
Target
crimgroup(2).exe
-
Size
224KB
-
Sample
210507-82dkt1yman
-
MD5
f50c60a10a65fe50c644ee5d20091e14
-
SHA1
f6ec05879fb51f9f1fdd9771d206bdd5ec4a17ce
-
SHA256
15aa1919120cf819c2c0386a0a6b8b71059fa669491016b06df0998a27eb32ff
-
SHA512
64e8b782f3b1064c5e3b4f74f407f80c7e7b0d79745479e1006d795ddb324697683c07ac13cdbdb439edb46250acd91522cf0da2f94a325d0c83638706d3512f
Malware Config
Targets
-
-
Target
crimgroup(2).exe
-
Size
224KB
-
MD5
f50c60a10a65fe50c644ee5d20091e14
-
SHA1
f6ec05879fb51f9f1fdd9771d206bdd5ec4a17ce
-
SHA256
15aa1919120cf819c2c0386a0a6b8b71059fa669491016b06df0998a27eb32ff
-
SHA512
64e8b782f3b1064c5e3b4f74f407f80c7e7b0d79745479e1006d795ddb324697683c07ac13cdbdb439edb46250acd91522cf0da2f94a325d0c83638706d3512f
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Deletes itself
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-