Overview

overview

10

Static

static

3

1cfdc1d171...18.exe

windows7-x64

10

1cfdc1d171...18.exe

windows10-2004-x64

10

Resubmissions

02-07-2024 00:01

240702-abamfayanh 10

01-07-2024 23:59

240701-316qdsyajh 10

01-07-2024 23:56

240701-3y4g9a1gjr 10

01-07-2024 23:49

240701-3vbyts1ejq 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1cfdc1d171614dec2d83d1d85d028551_JaffaCakes118

  • Size

    92KB

  • Sample

    240701-316qdsyajh

  • MD5

    1cfdc1d171614dec2d83d1d85d028551

  • SHA1

    7d1ec11608a949572e47fc499d568620fa1f6d5d

  • SHA256

    b475d20cf7e6facb0a9ffa5a51e3ed7d50eeadd3ad90394b14a8989260694e7c

  • SHA512

    2cf2f192bfb263ed4062633a30389ef86e84f5be02d4f2cabc2035b9ecf8568201735ca7d9de8c95d9163d321505db9a9f18302dff100694c9cc7da5497710c9

  • SSDEEP

    1536:7zARgxLF+yZcU5bUriFh751xKn9TZ9egzWwMjB5P3aU9HxTEpZmv8/NA79n/lxiK:7zhpNUeFd49TZ9S3vHCZ3/Ny9n5

Score
10/10
ponyriseprodiscoveryratspywarestealer

Malware Config

Targets

    • Target

      1cfdc1d171614dec2d83d1d85d028551_JaffaCakes118

    • Size

      92KB

    • MD5

      1cfdc1d171614dec2d83d1d85d028551

    • SHA1

      7d1ec11608a949572e47fc499d568620fa1f6d5d

    • SHA256

      b475d20cf7e6facb0a9ffa5a51e3ed7d50eeadd3ad90394b14a8989260694e7c

    • SHA512

      2cf2f192bfb263ed4062633a30389ef86e84f5be02d4f2cabc2035b9ecf8568201735ca7d9de8c95d9163d321505db9a9f18302dff100694c9cc7da5497710c9

    • SSDEEP

      1536:7zARgxLF+yZcU5bUriFh751xKn9TZ9egzWwMjB5P3aU9HxTEpZmv8/NA79n/lxiK:7zhpNUeFd49TZ9S3vHCZ3/Ny9n5

    Score
    10/10
    ponyriseprodiscoveryratspywarestealer

    • Pony,Fareit

      Pony is a Remote Access Trojan application that steals information.

      ratspywarestealerpony

    • RisePro

      RisePro stealer is an infostealer distributed by PrivateLoader.

      stealerrisepro

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks