Extracted

• • Target

    eb6a663833d81c3fb6ec63f1b32b19ee_JaffaCakes118

  • Size

    89KB

  • MD5

    eb6a663833d81c3fb6ec63f1b32b19ee

  • SHA1

    19271a4ef2a65a321c4a857e9d93158bbdfc06d3

  • SHA256

    04a73693312b7ac4b07e3e12db019cc9c224418f331426a15b2d2904167c0070

  • SHA512

    2df1c5a21267d60939285b0ab4adeb40a9133794e587d59cbd96e63dcf214ca4a0ac05893e848fa1e91255fce8fa48e3e91060cf37f7cfa8caedc1db1ab1bd7c

  • SSDEEP

    1536:/KRcDtcoJqTTi3YUZ7ozn6uI61Os110mEkOZMkmtMTvHEK/kzmz:yRu3qdI6NOC9QEK/z

  Score

  10^/10

  ponycollectioncredential_accessdiscoveryratspywarestealer

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2