pony | e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1 | Triage

Submit
Reports

Overview

overview

Static

static

e3466688c5...f1.exe

windows7-x64

e3466688c5...f1.exe

windows10-2004-x64

Sharing

General

Target

e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1
Size

167KB
Sample

221002-n55lkaeaf8
MD5

6f4540d138f281b29415b9cbafa62910
SHA1

c54f00eca7b1f5a772f58b2220fe8199da4019f8
SHA256

e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1
SHA512

b11da1f3c1e8555ccf64082ebdc1cce491b5e3f125d7a7b5448246831fb1e9532c723a475880d4fe07fc80ecff93b6bc11578b2f6de6abb95f8cb7876d9e46e0
SSDEEP

3072:RR6j9TQO+YkGZZin+HqZhWePiFkR/OYnlZFb:2x8skfPf

Score

10^/10

pony collection discovery rat spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1.exe

Resource

win7-20220901-en

pony collection discovery rat spyware stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1.exe

Resource

win10v2004-20220812-en

pony collection discovery rat spyware stealer

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1
- Size
  
  167KB
- MD5
  
  6f4540d138f281b29415b9cbafa62910
- SHA1
  
  c54f00eca7b1f5a772f58b2220fe8199da4019f8
- SHA256
  
  e3466688c5674346c6dd2f9cfde369f39ea6f9a3fb019b7d76e19883c70b08f1
- SHA512
  
  b11da1f3c1e8555ccf64082ebdc1cce491b5e3f125d7a7b5448246831fb1e9532c723a475880d4fe07fc80ecff93b6bc11578b2f6de6abb95f8cb7876d9e46e0
- SSDEEP
  
  3072:RR6j9TQO+YkGZZin+HqZhWePiFkR/OYnlZFb:2x8skfPf
Score

10^/10

pony collection discovery rat spyware stealer
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
- Accesses Microsoft Outlook profiles
  collection
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ponycollectiondiscoveryratspywarestealer

behavioral2

ponycollectiondiscoveryratspywarestealer

© 2018-2024

Terms | Privacy