General
-
Target
4d21ec66dc2c50417aaa5922c472cf462bd75c07f5951f422aa78f39e55d0759
-
Size
35KB
-
Sample
221127-m4vjjaca43
-
MD5
1fb6e3947edd545cb8b8ed9c32d9b66d
-
SHA1
e572a1d1bd373090f965744b347f0fa9cda7c89d
-
SHA256
4d21ec66dc2c50417aaa5922c472cf462bd75c07f5951f422aa78f39e55d0759
-
SHA512
ed1e744c636d0df3cdf2f36de1e159fee6d8df26c3f9b5669bf16d08bf9469b1bad148e7c8c299f7b9ce41e82f2f9dbccd6b5e68e02005af6777d50a905e574e
-
SSDEEP
768:+yI8Ja1AXF8eSMnekVoRNl2+nWMmDwL21/lnbcuyD7UA:+84yF8eSOZVYN87+I/lnouy8A
Malware Config
Targets
-
-
Target
4d21ec66dc2c50417aaa5922c472cf462bd75c07f5951f422aa78f39e55d0759
-
Size
35KB
-
MD5
1fb6e3947edd545cb8b8ed9c32d9b66d
-
SHA1
e572a1d1bd373090f965744b347f0fa9cda7c89d
-
SHA256
4d21ec66dc2c50417aaa5922c472cf462bd75c07f5951f422aa78f39e55d0759
-
SHA512
ed1e744c636d0df3cdf2f36de1e159fee6d8df26c3f9b5669bf16d08bf9469b1bad148e7c8c299f7b9ce41e82f2f9dbccd6b5e68e02005af6777d50a905e574e
-
SSDEEP
768:+yI8Ja1AXF8eSMnekVoRNl2+nWMmDwL21/lnbcuyD7UA:+84yF8eSOZVYN87+I/lnouy8A
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-