Extracted

• • Target

    8fc72cccc60276a44915d700ab7f9840_JaffaCakes118

  • Size

    99KB

  • MD5

    8fc72cccc60276a44915d700ab7f9840

  • SHA1

    6afdf58921f5fb8a25efa3fd4ae8ee5048652325

  • SHA256

    e864d05edb290c89bd37c3a1e111adef18c2af35180736d91456c89edf139a15

  • SHA512

    504b727a0e24c669a9b266091f881e98ed855cd8887f0faec1717e7e9153a6e96add27247d5952b9d46adacf3f5de842eceecf33e5764199929f32a978914a91

  • SSDEEP

    1536:78K9wl0uOoXi+XF47YRP08VTtuTTN1ZsGWpaNbity8PT7zIPX2sI:7dDoXb2qP0vTTN/cp4bitF7zIPX2

  Score

  10^/10

  ponycollectioncredential_accessdiscoveryratspywarestealer

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2