pony | 36fd09cdb51e701f7affabecc456d5b73b8dbe486b7d8fe9f4775597f77f5ecc

General

Target

36fd09cdb51e701f7affabecc456d5b73b8dbe486b7d8fe9f4775597f77f5eccN.exe
Size

152KB
Sample

250103-2axjcsyrap
MD5

26bdcc74b18322fb4515a6577424f610
SHA1

268f0a76e7ab0f8225454fab9bfe37f8add6e1f0
SHA256

36fd09cdb51e701f7affabecc456d5b73b8dbe486b7d8fe9f4775597f77f5ecc
SHA512

3ca865614a98b5cbc937e9ecb53ad8a1868a00c55b1c61ee82d6577aeef27a91e1c645f19edd830d3bcca0cd39e7d96b8acc8eb82d5ba0fbaab6c40a7ae4fc79
SSDEEP

3072:OlcucIca/MVHaOtU7ST2/reD5Koutkc53u:OlcXIca/M0OtGx/r+5KoSkE+

Score

10^/10

Malware Config

Extracted

Family

pony

C2

http://chipservice.by/includes/phpmailer/red.php

http://avtoritet13.ru/catalog/model/tool/red.php

http://autopodval.ru/catalog/model/module/red.php

http://www.brevna.ru/search/map/red.php

http://pinek.ru/priceManager/doc/red.php

http://svitaliyo.atservers.net/packages/red.php

http://bryanosti.ru/modules/book/red.php

http://kit.ucoz.com/html/bbn.dat

http://interlude.ucoz.com/bbcodes/bbn.dat

http://interlude.ucoz.com/images/bbn.dat

http://cs-clan-ak47.ucoz.ru/_fr/bbn.dat

Targets

- Target
  
  36fd09cdb51e701f7affabecc456d5b73b8dbe486b7d8fe9f4775597f77f5eccN.exe
- Size
  
  152KB
- MD5
  
  26bdcc74b18322fb4515a6577424f610
- SHA1
  
  268f0a76e7ab0f8225454fab9bfe37f8add6e1f0
- SHA256
  
  36fd09cdb51e701f7affabecc456d5b73b8dbe486b7d8fe9f4775597f77f5ecc
- SHA512
  
  3ca865614a98b5cbc937e9ecb53ad8a1868a00c55b1c61ee82d6577aeef27a91e1c645f19edd830d3bcca0cd39e7d96b8acc8eb82d5ba0fbaab6c40a7ae4fc79
- SSDEEP
  
  3072:OlcucIca/MVHaOtU7ST2/reD5Koutkc53u:OlcXIca/M0OtGx/r+5KoSkE+
Score

10^/10

pony rat spyware stealer upx discovery
- Pony family
  pony
- Pony,Fareit
  Pony is a Remote Access Trojan application that steals information.
  rat spyware stealer pony
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Pony family

Pony,Fareit

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2