General
-
Target
a5cda3f0cb629a86a44203cb76286ab1d64a7fa9207e8f23b9ca324d04ea21f9
-
Size
147KB
-
Sample
221201-yt7xnafe69
-
MD5
212dd184ce566f4c2651e49541eb4545
-
SHA1
06e7ad5e4f25b0b84103a362d80d015edfe8bec1
-
SHA256
a5cda3f0cb629a86a44203cb76286ab1d64a7fa9207e8f23b9ca324d04ea21f9
-
SHA512
b63f66511660558c9e1b8b05025f8d5d7f495738e1c722be03e34df0a2d27f572a38fae92b21889b55f0a913df8211f004a09ff538464f65bd705c06c9af206b
-
SSDEEP
3072:V2d65C3LaSCDjsXNSo65E7jyENE4Fp/hzRjzppSVZ0:Va65C3Lal+4oHyF4Ft3qVZ
Malware Config
Targets
-
-
Target
a5cda3f0cb629a86a44203cb76286ab1d64a7fa9207e8f23b9ca324d04ea21f9
-
Size
147KB
-
MD5
212dd184ce566f4c2651e49541eb4545
-
SHA1
06e7ad5e4f25b0b84103a362d80d015edfe8bec1
-
SHA256
a5cda3f0cb629a86a44203cb76286ab1d64a7fa9207e8f23b9ca324d04ea21f9
-
SHA512
b63f66511660558c9e1b8b05025f8d5d7f495738e1c722be03e34df0a2d27f572a38fae92b21889b55f0a913df8211f004a09ff538464f65bd705c06c9af206b
-
SSDEEP
3072:V2d65C3LaSCDjsXNSo65E7jyENE4Fp/hzRjzppSVZ0:Va65C3Lal+4oHyF4Ft3qVZ
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-