General
-
Target
a2e3516e7c7998cd0be681c6c4aa13887737c8ea8c4d5fc6feee8c50f18fd876
-
Size
194KB
-
Sample
221002-pws2vagggj
-
MD5
62cba1173a41075b6bead174c9f01427
-
SHA1
5090d5e6ac0bd44130d8f4180ec616d57c683cdd
-
SHA256
a2e3516e7c7998cd0be681c6c4aa13887737c8ea8c4d5fc6feee8c50f18fd876
-
SHA512
c79303fbd1dd9011d23de4e88c0c974a893c0e186abeeea9c9e393279efe6351d6d29d924f93b8a50f3809eb9cd9272cf14c7ee2211a75c198af89705b79af9e
-
SSDEEP
3072:zeAPMU+ErnoV6bbUtedhQMdwmmeSByWpWfg:zzEUF/bbmedhQMdwmmhByoWfg
Malware Config
Targets
-
-
Target
a2e3516e7c7998cd0be681c6c4aa13887737c8ea8c4d5fc6feee8c50f18fd876
-
Size
194KB
-
MD5
62cba1173a41075b6bead174c9f01427
-
SHA1
5090d5e6ac0bd44130d8f4180ec616d57c683cdd
-
SHA256
a2e3516e7c7998cd0be681c6c4aa13887737c8ea8c4d5fc6feee8c50f18fd876
-
SHA512
c79303fbd1dd9011d23de4e88c0c974a893c0e186abeeea9c9e393279efe6351d6d29d924f93b8a50f3809eb9cd9272cf14c7ee2211a75c198af89705b79af9e
-
SSDEEP
3072:zeAPMU+ErnoV6bbUtedhQMdwmmeSByWpWfg:zzEUF/bbmedhQMdwmmhByoWfg
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-