General

  • Target

    d91891480fb5685615771b8c432e5f77_JaffaCakes118

  • Size

    127KB

  • Sample

    240910-1q3vmsxarl

  • MD5

    d91891480fb5685615771b8c432e5f77

  • SHA1

    08182415178b18b4feb0c6463ededa3c8639436d

  • SHA256

    5e3af7af102a27cf19ba60b23d2b4028370b7e55639b8afa9a27108a8fa4c343

  • SHA512

    b9a34f51b381fbebd7485757f0c51bb9484bbfb6219de644b29a3cf2bc2b146fae8aa65300dc7b4e9d098b7ec2c1ccbe794b1962f2084aee2b11c3920abcb84c

  • SSDEEP

    3072:Xw+kdwqiBCKKM2TOsZwBApR1/7PJVlQ+Cpc2yDVeLt:Xw+kdTioKKM2bwBApR1lVuZpmo

Malware Config

Extracted

  • Family

    pony

  • C2

    http://88.198.112.184:8080/pony/gate.php

    http://140.114.39.105:8080/pony/gate.php

Attributes
  • payload_url

    http://fenixconstrucciones.com.ar/2t0kk.exe

    http://burakulas.tk/AzA8.exe

    http://102554.webhosting32.1blu.de/8Ve3eQ.exe

Targets

    • Pony,Fareit

      Pony is a Remote Access Trojan application that steals information.

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious access to, or copying of, a web browser credential store.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Unsecured Credentials: Credentials In Files

      Steals credentials from unsecured files.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks