Extracted

• • Target

    f8d8fb6a1a1cdb4263e3e31007893b20

  • Size

    97KB

  • MD5

    f8d8fb6a1a1cdb4263e3e31007893b20

  • SHA1

    abac35a018b42c95d3108161cb18cc047f30c2f3

  • SHA256

    35ecf27d3f771930f554e9a3cd161f0db5af6616272644c2846f5eb3a50f94c8

  • SHA512

    09d4778c6ce219f1dc4503431237cb190728db9d424d82800be0a4337b7d9e73167c6a78b7285289b5ccf9a3389f7e897301c5fdf40a51d21db00d5b67ea571f

  • SSDEEP

    1536:rz50zU4OJdqxhXS1ZHD0iR8GARZKWR7QIexpvpnenYeLS2uRQRJk/UjCzhX0Knd:vYOSuj0iRpAfh0zpneVS2u6Tih7d

  Score

  10^/10

  ponydiscoveryratspywarestealer

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2