pony | 4e6e8af35dc6de0e3c2014c722004001dc3cd99dbdbbbe4d460b77d3644d8a80 | Triage

Submit
Reports

Overview

overview

Static

static

48079F97B1...B7.exe

windows7_x64

48079F97B1...B7.exe

windows10_x64

Sharing

General

Target

48079F97B10815F3A20DCF8DEE6F02B7.exe
Size

598KB
Sample

210625-7fbv1tjtlj
MD5

48079f97b10815f3a20dcf8dee6f02b7
SHA1

ac4c229e4f6ce15e38818bab89e81ec0074b1c57
SHA256

4e6e8af35dc6de0e3c2014c722004001dc3cd99dbdbbbe4d460b77d3644d8a80
SHA512

4b6702b0fa4da309bfa8391d47f13bcf6fe068f870fe62c6e7a96c119a7f277f0ddfc766caa1d5a16c0a8d2f417900f866ff755279c3401471935b961cdb9276

Score

10^/10

pony discovery rat spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

48079F97B10815F3A20DCF8DEE6F02B7.exe

Resource

win7v20210408

pony discovery rat spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

48079F97B10815F3A20DCF8DEE6F02B7.exe

Resource

win10v20210410

pony discovery rat spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  48079F97B10815F3A20DCF8DEE6F02B7.exe
- Size
  
  598KB
- MD5
  
  48079f97b10815f3a20dcf8dee6f02b7
- SHA1
  
  ac4c229e4f6ce15e38818bab89e81ec0074b1c57
- SHA256
  
  4e6e8af35dc6de0e3c2014c722004001dc3cd99dbdbbbe4d460b77d3644d8a80
- SHA512
  
  4b6702b0fa4da309bfa8391d47f13bcf6fe068f870fe62c6e7a96c119a7f277f0ddfc766caa1d5a16c0a8d2f417900f866ff755279c3401471935b961cdb9276
Score

10^/10

pony discovery rat spyware stealer
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Deletes itself
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ponydiscoveryratspywarestealer

behavioral2

ponydiscoveryratspywarestealer

© 2018-2024

Terms | Privacy