General
-
Target
c9b821f8470bc74543a5e534b038c7b1_JaffaCakes118
-
Size
98KB
-
Sample
240829-1ycnestdpf
-
MD5
c9b821f8470bc74543a5e534b038c7b1
-
SHA1
ffe132b5feea94d9f95b579d31bba93252d63227
-
SHA256
13256cb049b0ab0c03ca9d30342d378beb8b1e5235a1e923de0f29396e074aa5
-
SHA512
88a75802b138b28497e7d88fba61f4a145cbf981a2b8ea77a7418f89fd47f96a8ef8f501929829c01eb89948ac3bb21f18cb3ff4daf57ccba4649b9865ced8b0
-
SSDEEP
1536:PQBsamzTqTqfevQy6YBRsD38EdZ+S4v7ORYFVdvrvLkzb5yM/B+eE:Y+9zk6YcD38dBOR+VOYM/B+
Malware Config
Targets
-
-
Target
c9b821f8470bc74543a5e534b038c7b1_JaffaCakes118
-
Size
98KB
-
MD5
c9b821f8470bc74543a5e534b038c7b1
-
SHA1
ffe132b5feea94d9f95b579d31bba93252d63227
-
SHA256
13256cb049b0ab0c03ca9d30342d378beb8b1e5235a1e923de0f29396e074aa5
-
SHA512
88a75802b138b28497e7d88fba61f4a145cbf981a2b8ea77a7418f89fd47f96a8ef8f501929829c01eb89948ac3bb21f18cb3ff4daf57ccba4649b9865ced8b0
-
SSDEEP
1536:PQBsamzTqTqfevQy6YBRsD38EdZ+S4v7ORYFVdvrvLkzb5yM/B+eE:Y+9zk6YcD38dBOR+VOYM/B+
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-