pony | c3fa7a54c81442ebbf1ce4913093c828b265cc51994dcf176de7f8b9317848bf | Triage

Sharing

General

Target

f3e20c50b9c038741a8e0a55de037db3_JaffaCakes118
Size

53KB
Sample

240924-r8w1datale
MD5

f3e20c50b9c038741a8e0a55de037db3
SHA1

1fca28d73d6a03299e630e23687d4c9a037f1add
SHA256

c3fa7a54c81442ebbf1ce4913093c828b265cc51994dcf176de7f8b9317848bf
SHA512

5509fcc929fb37872f70513576d3d3dcb5ff4a35e19733b578d49e6b0fea0e4fb5e8664536c952c96b4e5e4bbf12da52bb6778e410ea59b69f2dd15f9b41756b
SSDEEP

768:y1QW0C6ReYqr3HXCVzRFfPWv6cNTgJDkjY0hK8LtuJi343pNZq/p03bGF:iQKqArXXCVzjPUlYDS3o8Ltu3p3q/IA

Score

10^/10

pony discovery rat spyware stealer

Malware Config

Extracted

Family

pony

C2

http://192.168.2.33/gate.php

Targets

- Target
  
  f3e20c50b9c038741a8e0a55de037db3_JaffaCakes118
- Size
  
  53KB
- MD5
  
  f3e20c50b9c038741a8e0a55de037db3
- SHA1
  
  1fca28d73d6a03299e630e23687d4c9a037f1add
- SHA256
  
  c3fa7a54c81442ebbf1ce4913093c828b265cc51994dcf176de7f8b9317848bf
- SHA512
  
  5509fcc929fb37872f70513576d3d3dcb5ff4a35e19733b578d49e6b0fea0e4fb5e8664536c952c96b4e5e4bbf12da52bb6778e410ea59b69f2dd15f9b41756b
- SSDEEP
  
  768:y1QW0C6ReYqr3HXCVzRFfPWv6cNTgJDkjY0hK8LtuJi343pNZq/p03bGF:iQKqArXXCVzjPUlYDS3o8Ltu3p3q/IA
Score

10^/10

pony rat spyware stealer discovery
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ponyratspywarestealer

behavioral2

ponydiscoveryratspywarestealer