pony | c73930e9c55cb3b560de4c46fd8d2db976f02b736ca227ae09eacfd3301661a3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

8440691b61...18.exe

windows7-x64

8440691b61...18.exe

windows10-2004-x64

Sharing

General

Target

8440691b61d3b63ceab811d23d0343df_JaffaCakes118
Size

128KB
Sample

241101-h1jweayejk
MD5

8440691b61d3b63ceab811d23d0343df
SHA1

34296f8690bec5e707b9e3d4c4aed3e0c7acb5f3
SHA256

c73930e9c55cb3b560de4c46fd8d2db976f02b736ca227ae09eacfd3301661a3
SHA512

5ca57340d4ce65da6c6e83db7d73a8ae29ee032b2a75e6670f9eeb6a1d22b0275e20efd706c8f390a72adccba68a82fc77f017c99e381c2069465c4083f12f9d
SSDEEP

3072:uGHi6mwdfyGLCNpW6ZCNRXUPw8+4OYoG49AJq:+Wf6NpW6ZCv8+nG4m

Score

10^/10

pony discovery rat spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

8440691b61d3b63ceab811d23d0343df_JaffaCakes118.exe

Resource

win7-20241010-en

pony discovery rat spyware stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

8440691b61d3b63ceab811d23d0343df_JaffaCakes118.exe

Resource

win10v2004-20241007-en

pony discovery rat spyware stealer

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

pony

C2

http://67.215.225.205:8080/forum/viewtopic.php

http://216.231.139.111/forum/viewtopic.php

Attributes

payload_url
http://sigarra17.altervista.org/1C3.exe

http://codglobal.com/9WsB.exe

http://edpromagna.zeronove.it/pUR.exe

Targets

- Target
  
  8440691b61d3b63ceab811d23d0343df_JaffaCakes118
- Size
  
  128KB
- MD5
  
  8440691b61d3b63ceab811d23d0343df
- SHA1
  
  34296f8690bec5e707b9e3d4c4aed3e0c7acb5f3
- SHA256
  
  c73930e9c55cb3b560de4c46fd8d2db976f02b736ca227ae09eacfd3301661a3
- SHA512
  
  5ca57340d4ce65da6c6e83db7d73a8ae29ee032b2a75e6670f9eeb6a1d22b0275e20efd706c8f390a72adccba68a82fc77f017c99e381c2069465c4083f12f9d
- SSDEEP
  
  3072:uGHi6mwdfyGLCNpW6ZCNRXUPw8+4OYoG49AJq:+Wf6NpW6ZCv8+nG4m
Score

10^/10

pony discovery rat spyware stealer
- Pony family
  pony
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

ponydiscoveryratspywarestealer

behavioral2

ponydiscoveryratspywarestealer

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.