General
-
Target
87cb6fd22598f2f0f84fdb0aa7ee230320e9863d34adcbe8c9e257f8e5fd758e
-
Size
96KB
-
Sample
221201-cf43yshe5w
-
MD5
6cc8408b74598bdd86b097a7ff9d20ae
-
SHA1
584f110eb7522f8a21b4d3d617299c8c53ac4b42
-
SHA256
87cb6fd22598f2f0f84fdb0aa7ee230320e9863d34adcbe8c9e257f8e5fd758e
-
SHA512
0ed233d3ae7e482a44e213b9eefbd70e2f7f664a766412442fb282ad04afa61239bf64b056b048c2204a372773f4dd27fb6a0b206b71cbdfc1ed67a74c8fe1a1
-
SSDEEP
1536:s1BRQnHJ51D1p7wi16a2s6vh6u3bpMg1OKQe9V+HQmcYmfzj9zgx6:syDpEi16L33bZYzU5K6
Malware Config
Targets
-
-
Target
87cb6fd22598f2f0f84fdb0aa7ee230320e9863d34adcbe8c9e257f8e5fd758e
-
Size
96KB
-
MD5
6cc8408b74598bdd86b097a7ff9d20ae
-
SHA1
584f110eb7522f8a21b4d3d617299c8c53ac4b42
-
SHA256
87cb6fd22598f2f0f84fdb0aa7ee230320e9863d34adcbe8c9e257f8e5fd758e
-
SHA512
0ed233d3ae7e482a44e213b9eefbd70e2f7f664a766412442fb282ad04afa61239bf64b056b048c2204a372773f4dd27fb6a0b206b71cbdfc1ed67a74c8fe1a1
-
SSDEEP
1536:s1BRQnHJ51D1p7wi16a2s6vh6u3bpMg1OKQe9V+HQmcYmfzj9zgx6:syDpEi16L33bZYzU5K6
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-