Extracted

• • Target

    3d9efe3771da1758923687a2b2b43b77

  • Size

    160KB

  • MD5

    3d9efe3771da1758923687a2b2b43b77

  • SHA1

    1b046f2aa79c84d02abd381a05e7dda29a962bb6

  • SHA256

    11995b124e61f9fd56609b1cc9b20b6f3be1da7238f51e042e0651096f1b6101

  • SHA512

    647ae6dd0a83ee496e9a9080c18332747483296d089faa533c1fc8ae1f888e7ad67e2cf2076ef61ff7b22a44f0f679bdcc60453e4b930fdb9989eddd42bd688b

  • SSDEEP

    1536:6+rGkJgPDvdgSIyTZrMGoUd3eiKW7BBO+5QILr3tcABzuBu7UIBdiqHFK7L:nJcDhTZbvKWe+xLh7bqGKv

  Score

  10^/10

  ponydiscoveryratspywarestealer

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2