Extracted

• • Target

    adbcefc71e9a8bd1b5d8679889020d10_JaffaCakes118

  • Size

    94KB

  • MD5

    adbcefc71e9a8bd1b5d8679889020d10

  • SHA1

    58dfa987e59198b82fbfa3c894e1f23f8ba21b4b

  • SHA256

    fcb481d9689fc4a99ebef78a43ec4775b6dbbc47f57fae924cbb15da68e2a4cc

  • SHA512

    6fb00c6d8a21955d88a2be536d9aa1ba0156c17a4e3000ddbef3f0e6d5a305ebd2fb3717c06df9b1ad9bfc28aebb0ee776817779cd26a7b14c14375d00d95cfc

  • SSDEEP

    1536:5721spIM1GEN2fa0opyBDwgpbj/Gepti05TYqf6IEmMIjDS1:572G2M1GEEf8kRMepB1fA

  Score

  10^/10

  ponycollectioncredential_accessdefense_evasiondiscoveryratspywarestealerupx

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Drops file in Drivers directory

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Hide Artifacts: Hidden Files and Directories

    defense_evasion

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2