pony | 5f3aa3b2ac7c8986cdb3b5107900616018b11eee1ca6946a65f0639fdf720079 | Triage

Sharing

General

Target

Trojan.MSIL.Agent.folv-5f3aa3b2ac7c8986cdb3b5.exe
Size

155KB
Sample

230720-ak2ghsbg97
MD5

e97f969ac3aae5db948dc206c57a79b6
SHA1

e9ecdcce70bd71a6a56c1f78f2cdebe4d79cb7fc
SHA256

5f3aa3b2ac7c8986cdb3b5107900616018b11eee1ca6946a65f0639fdf720079
SHA512

2f9e6e86bc8a633ca169c42198f035d53158b29887319e303fb6c4f22a90fd42be55a5081d37f21748645139475c411889849ead19ec4b479250573bf1ecdbca
SSDEEP

3072:vYYmWuuuynzAMlg6FbS0N6KNAh6Bm3yScYGue4+5w:vYfWdz1i6F8KKhQavcDuPY

Score

10^/10

pony collection rat spyware stealer

Malware Config

Extracted

Family

pony

C2

http://abcmedicalcenter.ro/grace/gate.php

Targets

- Target
  
  Trojan.MSIL.Agent.folv-5f3aa3b2ac7c8986cdb3b5.exe
- Size
  
  155KB
- MD5
  
  e97f969ac3aae5db948dc206c57a79b6
- SHA1
  
  e9ecdcce70bd71a6a56c1f78f2cdebe4d79cb7fc
- SHA256
  
  5f3aa3b2ac7c8986cdb3b5107900616018b11eee1ca6946a65f0639fdf720079
- SHA512
  
  2f9e6e86bc8a633ca169c42198f035d53158b29887319e303fb6c4f22a90fd42be55a5081d37f21748645139475c411889849ead19ec4b479250573bf1ecdbca
- SSDEEP
  
  3072:vYYmWuuuynzAMlg6FbS0N6KNAh6Bm3yScYGue4+5w:vYfWdz1i6F8KKhQavcDuPY
Score

10^/10

pony collection rat spyware stealer
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- Uses the VBS compiler for execution
- Accesses Microsoft Outlook accounts
  collection
- Accesses Microsoft Outlook profiles
  collection
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Email Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

ponycollectionratspywarestealer

behavioral2

ponycollectionratspywarestealer