Extracted

• • Target

    dbf517a2f5814039ffd12dbd0dd1415e_JaffaCakes118

  • Size

    147KB

  • MD5

    dbf517a2f5814039ffd12dbd0dd1415e

  • SHA1

    e994fc9807f81f657040f92d57a2143b7aa01749

  • SHA256

    aa691fc0b9635943ee699e1261791a5989285ebc860c67954d7af547b8d9f1b0

  • SHA512

    e84636a4353b420cb27048eb827826454cea9d41b0dee9ea35049087f1bf00e117f44b5cfbe96f865d907f462d6d37cc211c891455549bd50044ed4c5e9682be

  • SSDEEP

    3072:X4qh+SZieevURWyuDZvP9lYYWrbbHeiWH0k6wmxik6gKLM8XFmg0:KK105yuDZv1OYWviuRik6pLvF

  Score

  10^/10

  ponycollectioncredential_accessdiscoveryratspywarestealer

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Deletes itself

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Accesses Microsoft Outlook accounts

    collection

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2