Extracted

• • Target

    4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c.exe

  • Size

    101KB

  • MD5

    52950f24f53e9d79469ead7095709321

  • SHA1

    6a03ab8d439a55e77679f73c24f9d46192ea20cd

  • SHA256

    4f43e4aee8ff9639125699ea3d40104c439e7a66d65d653a4155c3c22587af4c

  • SHA512

    2ef4529720116ce771577ac345f9c2d1fb5521f2724bf1a553756087ae33505f0d5cf673e00a8adcf07cb3a4719f6f000e8b8c38c168ec0878cc461e5226d1ec

  • SSDEEP

    3072:FqKRjqCvdTNKB5LwlhxLSIjOlUyPMkV3q+:HRuCvdcTChdSIjOjI+

  Score

  10^/10

  ponycollectioncredential_accessdiscoveryratspywarestealer

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2