Overview

overview

10

Static

static

3

fd1e4f73c7...18.dll

windows7-x64

10

fd1e4f73c7...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fd1e4f73c73ef7ec1470f18cba237c9b_JaffaCakes118

  • Size

    76KB

  • Sample

    241218-zygfyasnbn

  • MD5

    fd1e4f73c73ef7ec1470f18cba237c9b

  • SHA1

    5ce0557000d01c7e10a1d5edf12adfcc9fb8bab9

  • SHA256

    8881c2770985cdbc7a421c808e7140705f860f1b1993ceec5d00dc2bb0abd1c0

  • SHA512

    33de3d5f8943f692faa93daee4b17de89244f8a5d566ec53b68b67b5dda2cc0c4918ef2e570bf57c533c302ce94f8ceabd7a9c8feb51f4a3509ad728460559e7

  • SSDEEP

    1536:2r3EteMntGkJc10hZYttFqJvhmjK5ZxMbnKrH7GcUbmRykMj9nlmxyRC:s38eMnY5WhOq1kjKrxMrKrH7GHttlmw

Score
10/10
ponycredential_accessdiscoveryratspywarestealerupx

Malware Config

Targets

    • Target

      fd1e4f73c73ef7ec1470f18cba237c9b_JaffaCakes118

    • Size

      76KB

    • MD5

      fd1e4f73c73ef7ec1470f18cba237c9b

    • SHA1

      5ce0557000d01c7e10a1d5edf12adfcc9fb8bab9

    • SHA256

      8881c2770985cdbc7a421c808e7140705f860f1b1993ceec5d00dc2bb0abd1c0

    • SHA512

      33de3d5f8943f692faa93daee4b17de89244f8a5d566ec53b68b67b5dda2cc0c4918ef2e570bf57c533c302ce94f8ceabd7a9c8feb51f4a3509ad728460559e7

    • SSDEEP

      1536:2r3EteMntGkJc10hZYttFqJvhmjK5ZxMbnKrH7GcUbmRykMj9nlmxyRC:s38eMnY5WhOq1kjKrxMrKrH7GHttlmw

    Score
    10/10
    ponycredential_accessdiscoveryratspywarestealerupx

    • Pony family

      pony

    • Pony,Fareit

      Pony is a Remote Access Trojan application that steals information.

      ratspywarestealerpony

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

      credential_accessstealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks