pony | 38074f0ea1edbb039fbc8527c23d92f25a35a2043067b1ee845331f5585463bf | Triage

Sharing

General

Target

38074f0ea1edbb039fbc8527c23d92f25a35a2043067b1ee845331f5585463bf
Size

93KB
Sample

221123-m9gjvsgb69
MD5

9961554b708361b8fe8f1762da476760
SHA1

4df3823d2b329176947a8e14015777eb0effc555
SHA256

38074f0ea1edbb039fbc8527c23d92f25a35a2043067b1ee845331f5585463bf
SHA512

e0e418c09e76f55840a4b3a028183fa24885d381e58d579d61b7f6931338f659ed6f3ad9753c3c8badd29b547b7261daaac16becc947ea786ca306c931e9b74f
SSDEEP

1536:EbiPNiiKMPgvi6nO7vNQO9dEqOI2FsJulyuvHCTYVYyew+ALrixdGUCZsiorn2YA:EOPNinMPrJQO9dFOI2/3vH88XLrdqn2h

Score

10^/10

pony discovery rat spyware stealer

Malware Config

Targets

- Target
  
  38074f0ea1edbb039fbc8527c23d92f25a35a2043067b1ee845331f5585463bf
- Size
  
  93KB
- MD5
  
  9961554b708361b8fe8f1762da476760
- SHA1
  
  4df3823d2b329176947a8e14015777eb0effc555
- SHA256
  
  38074f0ea1edbb039fbc8527c23d92f25a35a2043067b1ee845331f5585463bf
- SHA512
  
  e0e418c09e76f55840a4b3a028183fa24885d381e58d579d61b7f6931338f659ed6f3ad9753c3c8badd29b547b7261daaac16becc947ea786ca306c931e9b74f
- SSDEEP
  
  1536:EbiPNiiKMPgvi6nO7vNQO9dEqOI2FsJulyuvHCTYVYyew+ALrixdGUCZsiorn2YA:EOPNinMPrJQO9dFOI2/3vH88XLrdqn2h
Score

10^/10

pony discovery rat spyware stealer
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ponydiscoveryratspywarestealer

behavioral2

ponydiscoveryratspywarestealer