Extracted

• • Target

    Microsoft_keygen_by_KeyGenGuru.zip

  • Size

    5.1MB

  • MD5

    0f58dd34aa5683287638c896275288ec

  • SHA1

    71f1e137aec2a8daba83d6fab655c6ed1f59b472

  • SHA256

    100d0d12257920948c65d4de3a1d6bd57acbb1a58d051ca866ae19a50553b693

  • SHA512

    08798f7568e6366ea1374c0a90bcc2b6ef2f71a257fa8a58842eae9a5eaa6c2ea2b9c785b086842321624f8538ccc1401c04a4e871f231f0811f939dd196b17d

  • SSDEEP

    98304:B+EbPCDOdcEOMj7QXHHWRcgi6xzlRdmOgTEmHfmvcamCpbby6p1FyBad:BNgecEOMjAipiGbdmOWtkjX/LyO

  Score

  10^/10

  azorultponycollectioncredential_accessdiscoveryinfostealerratspywarestealertrojan

  • Azorult

    An information stealer that was first discovered in 2016, targeting browsing history and passwords.

    trojaninfostealerazorult

  • Azorult family

    azorult

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1

• • Target

    Microsoft_keygen_by_KeyGenGuru.zip

  • Size

    5.1MB

  • MD5

    7294a7f26653ff7475a5ba1e6c495c10

  • SHA1

    8270f5e9cb997652ab256868519a7e1095038b87

  • SHA256

    bde059b6dffbfb26f315f559572ff5b90c93f9baae7c923c452d5b18829a99b4

  • SHA512

    045cc1521b65950ce31433992796d5d2054f8807d9bede452bb456244a80d46d6eb959e7a774fa194d8f5be7075e7bab6914c1b73e29782d416202621976edf2

  • SSDEEP

    98304:e+EbPCDOdcEOMj7QXHHWRcgi6xzlRdmOgTEmHfmvcamCpbby6p1FyBa/:eNgecEOMjAipiGbdmOWtkjX/LyY

  Score

  1^/10
  behavioral2

• • Target

    FILE_ID.DIZ

  • Size

    47B

  • MD5

    18666d319ed3fff14eb62f5a1cfe8de7

  • SHA1

    57facde7f2e261f050c997512e5906646545d592

  • SHA256

    73a3c0e4057053e7c830c847616408c416c600350a16abf5e3ae05bb41c10e12

  • SHA512

    d6ef118eee255767ce2bc5c9f97a3752ecd3efacf7b0f35f0c02c2d3ba89d3446915d51cde1a69982a5d0c827d5ce06ac780fd80249095058abe19f38fe52950

  Score

  3^/10
  behavioral3

• • Target

    Microsoft_keygen_by_KeyGenGuru.exe

  • Size

    5.2MB

  • MD5

    465f3765f16094b07393a238b6d07ae1

  • SHA1

    ae4b7610b3d7c20da9b51f156ecda96bcb6f6e0b

  • SHA256

    b5435e8a26968c4e039b6ac17b3f76a31a2064e9a270b66dd302e08a0f64b15c

  • SHA512

    5653cdd24d48cfb1ad862bd06d58266b53e966b23b8955621cc50a9c58601a05fefe8793546d75ae8fc4457e3196d13c0b8669b4eb4a605d7847bde7cef9a453

  • SSDEEP

    98304:eh71rTEvB46nmLCtKSvAUTI/kaq/FxtD/3I4SgQy6IoTUFOUPaabYo:ehpMB4AgGxkrctT3nSgQ8FphbYo

  Score

  1^/10
  behavioral4

• • Target

    Password.HERE.jpeg

  • Size

    2KB

  • MD5

    ff2a1da6e5e02c05cb1f0c6a85b0ce7e

  • SHA1

    f087998875d2c07bebb899333337aa560e9a8d48

  • SHA256

    81efd4e8a7aba30fda3dd9cf5c8c3902261d9cac0fb6a1fe4ea868699f834c99

  • SHA512

    18ac9bc9e00bf0f5dc3df775cef340325729dccde050e32769138749242563142da76800e4d2a629bb4ba6476965d84a8827f78adc8df03120759868ca639be4

  Score

  3^/10
  behavioral5