General
-
Target
f2a253e558976d2d90c49d5154ffe1b8_JaffaCakes118
-
Size
99KB
-
Sample
240923-tmev3ssbmr
-
MD5
f2a253e558976d2d90c49d5154ffe1b8
-
SHA1
527acecd863143b49546317bb4611fea134b442b
-
SHA256
d8420ed0c4c492a51f9c7906d590002de6ec86c4b10dad22c33272615a658d84
-
SHA512
0053d0d2169d10a287f2d01ee6d9b3a4182d5f97ef58cdb3fd66d865c6969df1b0a7b72e3be3b2892aaa9b2ec18152f43216b4da9d2b71142fb2cd737e4db88a
-
SSDEEP
1536:o0Y1VvGT7BhfHCPp5l+TA6vorP4kFl4lRAPgRrrueZOpEPeH:o0YLefCx7+TdCJPErueZOiWH
Malware Config
Targets
-
-
Target
f2a253e558976d2d90c49d5154ffe1b8_JaffaCakes118
-
Size
99KB
-
MD5
f2a253e558976d2d90c49d5154ffe1b8
-
SHA1
527acecd863143b49546317bb4611fea134b442b
-
SHA256
d8420ed0c4c492a51f9c7906d590002de6ec86c4b10dad22c33272615a658d84
-
SHA512
0053d0d2169d10a287f2d01ee6d9b3a4182d5f97ef58cdb3fd66d865c6969df1b0a7b72e3be3b2892aaa9b2ec18152f43216b4da9d2b71142fb2cd737e4db88a
-
SSDEEP
1536:o0Y1VvGT7BhfHCPp5l+TA6vorP4kFl4lRAPgRrrueZOpEPeH:o0YLefCx7+TdCJPErueZOiWH
Score10/10-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-