Extracted

• • Target

    DOC329993903-PDF.exe

  • Size

    147KB

  • MD5

    630e8d3ba621596560ffbf0633102ba7

  • SHA1

    62bb6d36401bf215028ddefb80a10f9f1a102957

  • SHA256

    67cf9d92ba34b560f348146c8e05729f00d55468ce6c97910f59b246054cf47e

  • SHA512

    663cb02e63facd7e417f218bb12bb0988768f2418c22736ae4b41b591a6828dc695c8f4b880bd3c9f240e05bd5feddf980dd2e1825e2352f403cf1147fea7015

  • SSDEEP

    3072:IB7bgimU4VStD9gysbJLulP8R7fzKyjCmBcvSCOBMzkvgoYku22O:Ef4PbJqkR7f5SSpKo1vb

  Score

  10^/10

  ponycollectionratspywarestealerupx

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2