General
-
Target
46e6c3cbf8a7090d1639da8a01c510c0_JaffaCakes118
-
Size
95KB
-
Sample
240729-pq3n4asgka
-
MD5
46e6c3cbf8a7090d1639da8a01c510c0
-
SHA1
1fbb273e529635bb4fa20ddb5aef1f280052ec04
-
SHA256
7e881e90e1238e7088dc3e9cb7c380af38f00f4df827da8289534fc6c7d7d3d7
-
SHA512
1975512fbaa66f11904252facd3622d2cf053ccd18efc51ecd2e319469605c88d64bd8a6264f61f668c304f99cd7c4d6d302f72b57e61ab4d39c14b3775220ad
-
SSDEEP
1536:+uCVt72eqTkn0mCpZnMXSlEGg/kdndKPOLPuzvGE6QkzmQiFbKaH:NCVgICPMXSlEGgEcPO9E6sQiF1H
Malware Config
Targets
-
-
Target
46e6c3cbf8a7090d1639da8a01c510c0_JaffaCakes118
-
Size
95KB
-
MD5
46e6c3cbf8a7090d1639da8a01c510c0
-
SHA1
1fbb273e529635bb4fa20ddb5aef1f280052ec04
-
SHA256
7e881e90e1238e7088dc3e9cb7c380af38f00f4df827da8289534fc6c7d7d3d7
-
SHA512
1975512fbaa66f11904252facd3622d2cf053ccd18efc51ecd2e319469605c88d64bd8a6264f61f668c304f99cd7c4d6d302f72b57e61ab4d39c14b3775220ad
-
SSDEEP
1536:+uCVt72eqTkn0mCpZnMXSlEGg/kdndKPOLPuzvGE6QkzmQiFbKaH:NCVgICPMXSlEGgEcPO9E6sQiF1H
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-