General
-
Target
668b14b1100717fea42ac75cc3a6ac478f40d4426b19edb96db9f4f6fa1e6510N
-
Size
360KB
-
Sample
241103-he498axfpf
-
MD5
af66049ee90d62000c8dab210fe4ad00
-
SHA1
a8ed1650a011bbddfc41725359c5abedb831a0c1
-
SHA256
668b14b1100717fea42ac75cc3a6ac478f40d4426b19edb96db9f4f6fa1e6510
-
SHA512
120de4fb85975f7d17f45aa26ffd66f18ffbb81d10ad61f1d84fcbf1cc69219c5676a0209f0255f38de9216ec7000ab15b2236b63a8f0555d1e87bcf13195697
-
SSDEEP
6144:fZliAi2g9lPVAO50+vJu6idirOExWgzjlgWstdWz6vEythy2RiUObEPJX:fZ0r150OVnjsWZytc2ErWJ
Malware Config
Targets
-
-
Target
668b14b1100717fea42ac75cc3a6ac478f40d4426b19edb96db9f4f6fa1e6510N
-
Size
360KB
-
MD5
af66049ee90d62000c8dab210fe4ad00
-
SHA1
a8ed1650a011bbddfc41725359c5abedb831a0c1
-
SHA256
668b14b1100717fea42ac75cc3a6ac478f40d4426b19edb96db9f4f6fa1e6510
-
SHA512
120de4fb85975f7d17f45aa26ffd66f18ffbb81d10ad61f1d84fcbf1cc69219c5676a0209f0255f38de9216ec7000ab15b2236b63a8f0555d1e87bcf13195697
-
SSDEEP
6144:fZliAi2g9lPVAO50+vJu6idirOExWgzjlgWstdWz6vEythy2RiUObEPJX:fZ0r150OVnjsWZytc2ErWJ
Score10/10-
Pony family
-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-