General
-
Target
ad7fd4cba5f25346591a9754859ac2885f701d4a20c4ba62898bea680fe21b98
-
Size
170KB
-
Sample
221201-rj72cafc77
-
MD5
5d8ec20494709f619bc93ba737e31d16
-
SHA1
32282a28c3e20ac5db732d29c82061632d46c063
-
SHA256
ad7fd4cba5f25346591a9754859ac2885f701d4a20c4ba62898bea680fe21b98
-
SHA512
f5371c9294a7b2b38e5c9a791fb32d0ede99418a6acee7b24bf16e776c3e4dd15bfeeceeea2352bff4892d39be714f4c615671fa39a1283ffe93bc16265de43e
-
SSDEEP
3072:QXJ7xr7pIAF7ivvu+FZ7KDrj3PEk5pT2+0LKrce1sLl:CZ91Iu7iHDF1Kfj/EupT23LKY
Malware Config
Targets
-
-
Target
ad7fd4cba5f25346591a9754859ac2885f701d4a20c4ba62898bea680fe21b98
-
Size
170KB
-
MD5
5d8ec20494709f619bc93ba737e31d16
-
SHA1
32282a28c3e20ac5db732d29c82061632d46c063
-
SHA256
ad7fd4cba5f25346591a9754859ac2885f701d4a20c4ba62898bea680fe21b98
-
SHA512
f5371c9294a7b2b38e5c9a791fb32d0ede99418a6acee7b24bf16e776c3e4dd15bfeeceeea2352bff4892d39be714f4c615671fa39a1283ffe93bc16265de43e
-
SSDEEP
3072:QXJ7xr7pIAF7ivvu+FZ7KDrj3PEk5pT2+0LKrce1sLl:CZ91Iu7iHDF1Kfj/EupT23LKY
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-