{
	"id": "94466bce-5c6e-4191-8f85-519ee13b5a83",
	"created_at": "2026-04-06T00:09:12.720926Z",
	"updated_at": "2026-04-10T03:22:00.013419Z",
	"deleted_at": null,
	"sha1_hash": "ef28fb59fb67928eaabb3a2c6151174f35efde5f",
	"title": "Pony (Malware Family)",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 27326,
	"plain_text": "Pony (Malware Family)\r\nBy Fraunhofer FKIE\r\nArchived: 2026-04-05 19:59:16 UTC\r\nAccording to KnowBe4, Pony Stealer is a password stealer that can decrypt or unlock passwords for over 110\r\ndifferent applications including VPN, FTP, email, instant messaging, web browsers and much more. Pony Stealer\r\nis very dangerous and once it infects a PC it will turn the device into a botnet, allowing it to use the PCs it infects\r\nto infect other PCs.\r\n[TLP:WHITE] win_pony_auto (20251219 | Detects win.pony.)\r\nSource: https://malpedia.caad.fkie.fraunhofer.de/details/win.pony\r\nhttps://malpedia.caad.fkie.fraunhofer.de/details/win.pony\r\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://malpedia.caad.fkie.fraunhofer.de/details/win.pony"
	],
	"report_names": [
		"win.pony"
	],
	"threat_actors": [],
	"ts_created_at": 1775434152,
	"ts_updated_at": 1775791320,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/ef28fb59fb67928eaabb3a2c6151174f35efde5f.pdf",
		"text": "https://archive.orkl.eu/ef28fb59fb67928eaabb3a2c6151174f35efde5f.txt",
		"img": "https://archive.orkl.eu/ef28fb59fb67928eaabb3a2c6151174f35efde5f.jpg"
	}
}