General
-
Target
7e1cfa753193df3dc1b47770b5cafff98835985eaef930c977ac652d8a4f0e5d
-
Size
138KB
-
Sample
221201-c3gk6sga32
-
MD5
5983739f0e208e14bc9fa8df5c1fcc75
-
SHA1
f630178b64842b6c153932c5aed743a72ebcfdfd
-
SHA256
7e1cfa753193df3dc1b47770b5cafff98835985eaef930c977ac652d8a4f0e5d
-
SHA512
6537312c08b861e1837bf0c3d9721f6702410ac6070ace8d7c9a64db114e083eb1d778bbb32bd916cad37519b8215dc001f9d246b3df3773b8d9b91d328c2273
-
SSDEEP
3072:e28lnZOkJRzzqokTY4q1+JJ2tk4ZNE4g/blyO0GHv7Dwc:eTlnZOkJR9T1Hkp43Wv7E
Malware Config
Targets
-
-
Target
7e1cfa753193df3dc1b47770b5cafff98835985eaef930c977ac652d8a4f0e5d
-
Size
138KB
-
MD5
5983739f0e208e14bc9fa8df5c1fcc75
-
SHA1
f630178b64842b6c153932c5aed743a72ebcfdfd
-
SHA256
7e1cfa753193df3dc1b47770b5cafff98835985eaef930c977ac652d8a4f0e5d
-
SHA512
6537312c08b861e1837bf0c3d9721f6702410ac6070ace8d7c9a64db114e083eb1d778bbb32bd916cad37519b8215dc001f9d246b3df3773b8d9b91d328c2273
-
SSDEEP
3072:e28lnZOkJRzzqokTY4q1+JJ2tk4ZNE4g/blyO0GHv7Dwc:eTlnZOkJR9T1Hkp43Wv7E
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-