General
-
Target
94eb4013a41e7e513112b428663d8d3692a4e43e2a00c0ad3ad5f2e841a62622
-
Size
186KB
-
Sample
221205-n9sgsscd9s
-
MD5
0b0a653dad63b718259bbcbb748c2919
-
SHA1
c91d98f2f862fd5d865a733cfc56ef8d8cdc0064
-
SHA256
94eb4013a41e7e513112b428663d8d3692a4e43e2a00c0ad3ad5f2e841a62622
-
SHA512
a49348632a8715f1422548ee63087abb0dbcd74d45768e7b1cb63373c0e59d640c7c7fcc0e5535f5500a1b68a5bd75eb2f765d1c151ddd200cb46aca23b995c4
-
SSDEEP
3072:SmbysYSbfwuFrgxFBlLbNVvHRF/TwitWRziA:LjbfwWrgfvbL/FtXA
Malware Config
Targets
-
-
Target
94eb4013a41e7e513112b428663d8d3692a4e43e2a00c0ad3ad5f2e841a62622
-
Size
186KB
-
MD5
0b0a653dad63b718259bbcbb748c2919
-
SHA1
c91d98f2f862fd5d865a733cfc56ef8d8cdc0064
-
SHA256
94eb4013a41e7e513112b428663d8d3692a4e43e2a00c0ad3ad5f2e841a62622
-
SHA512
a49348632a8715f1422548ee63087abb0dbcd74d45768e7b1cb63373c0e59d640c7c7fcc0e5535f5500a1b68a5bd75eb2f765d1c151ddd200cb46aca23b995c4
-
SSDEEP
3072:SmbysYSbfwuFrgxFBlLbNVvHRF/TwitWRziA:LjbfwWrgfvbL/FtXA
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook accounts
-
Accesses Microsoft Outlook profiles
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-