Overview

overview

10

Static

static

34f25a5180...a5.exe

windows7-x64

5

34f25a5180...a5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34f25a518088c9dcf156bd6e919ae59d95d2a95e87126773e57e70552c0e75a5

  • Size

    477KB

  • Sample

    221125-zxgqbafa39

  • MD5

    869df3e51cbeb5e8b2b18e88969ed4c6

  • SHA1

    fb48fa83052d96a9bab57bfcbd45477b181f86ed

  • SHA256

    34f25a518088c9dcf156bd6e919ae59d95d2a95e87126773e57e70552c0e75a5

  • SHA512

    c4c7fc5be68e6277b61fa096687fb84726ebd77368317046aa746369e2cdb1f127be80308c0b7c6eb0641d16b33f81fdca2b18cc71eae5f96fafcfa779ebca7a

  • SSDEEP

    3072:GFfMwbfLTh7N5Q8cPl1UHFbPdrLWg5nxipwmOxUPdICKIe1N2Beg4g:GVM8LVal0b1rLWgtYbOaNKIe1N2L4g

Score
10/10
ponycollectionratspywarestealer

Malware Config

Targets

    • Target

      34f25a518088c9dcf156bd6e919ae59d95d2a95e87126773e57e70552c0e75a5

    • Size

      477KB

    • MD5

      869df3e51cbeb5e8b2b18e88969ed4c6

    • SHA1

      fb48fa83052d96a9bab57bfcbd45477b181f86ed

    • SHA256

      34f25a518088c9dcf156bd6e919ae59d95d2a95e87126773e57e70552c0e75a5

    • SHA512

      c4c7fc5be68e6277b61fa096687fb84726ebd77368317046aa746369e2cdb1f127be80308c0b7c6eb0641d16b33f81fdca2b18cc71eae5f96fafcfa779ebca7a

    • SSDEEP

      3072:GFfMwbfLTh7N5Q8cPl1UHFbPdrLWg5nxipwmOxUPdICKIe1N2Beg4g:GVM8LVal0b1rLWgtYbOaNKIe1N2L4g

    Score
    10/10
    ponycollectionratspywarestealer

    • Pony,Fareit

      Pony is a Remote Access Trojan application that steals information.

      ratspywarestealerpony

    • Accesses Microsoft Outlook accounts

      collection

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks