Extracted

• • Target

    74b46f9f7bf810f9bf7c1c100815fb30_JaffaCakes118

  • Size

    146KB

  • MD5

    74b46f9f7bf810f9bf7c1c100815fb30

  • SHA1

    6a3e0b2ef3346d7dfe56f443e323ad9ad0e68d0e

  • SHA256

    9f9a624349d0f5eaf6d6e9f04bbd26ff20fb904717bc305f0f30752831d2569e

  • SHA512

    7e88f334829a98a3782a40a1eb645ef291641a5585d74efdf82dcc78c8c392452680e1364ae296a19689d11a70b9c63d49b93287f69df064d271d103174cc58b

  • SSDEEP

    3072:6buBwAKZbe2oWWF5K6VVGy5etfIoyZ0TyHexY6ntbJ1KFQ7V9NeH:6KB9KZbe2A55VVL5etwoyZ0mQtN1p7V9

  Score

  10^/10

  ponycollectioncredential_accessdiscoveryratspywarestealer

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2