General
-
Target
6532e0c6251e857008c16c23e4862d4d4aceaa55bad215da81a3b8f53f8e60db
-
Size
146KB
-
Sample
221019-2m1fsabeh4
-
MD5
907c277baf95f5e1c58fa0b04a6f9bfd
-
SHA1
0bde33bd76f2cd57a8664a1ae64627338901bc75
-
SHA256
6532e0c6251e857008c16c23e4862d4d4aceaa55bad215da81a3b8f53f8e60db
-
SHA512
87eb370a8d79a084fd415fee1fabc161b07b9d1520a09d083bddde97a8670531807bc9bdd8932c34dcac5a0b0301459902ba77150e4aea87cfae12c5aac95572
-
SSDEEP
3072:VwXXYqvCvm2q/2JDlgiFK+tZd14YE3LMwZ:VmwNDfTE7M6
Malware Config
Targets
-
-
Target
6532e0c6251e857008c16c23e4862d4d4aceaa55bad215da81a3b8f53f8e60db
-
Size
146KB
-
MD5
907c277baf95f5e1c58fa0b04a6f9bfd
-
SHA1
0bde33bd76f2cd57a8664a1ae64627338901bc75
-
SHA256
6532e0c6251e857008c16c23e4862d4d4aceaa55bad215da81a3b8f53f8e60db
-
SHA512
87eb370a8d79a084fd415fee1fabc161b07b9d1520a09d083bddde97a8670531807bc9bdd8932c34dcac5a0b0301459902ba77150e4aea87cfae12c5aac95572
-
SSDEEP
3072:VwXXYqvCvm2q/2JDlgiFK+tZd14YE3LMwZ:VmwNDfTE7M6
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-