General
-
Target
JaffaCakes118_6e301fac858129220351cb9b1996df2f
-
Size
182KB
-
Sample
250103-vslfgstrhw
-
MD5
6e301fac858129220351cb9b1996df2f
-
SHA1
38a87bff9990b91db801ec71705eb1a814cdbde1
-
SHA256
c00b629cf4a5209abcbcdde01bddab815ac0750190467cea5616cf633c4b0530
-
SHA512
9fb136497c09100c64f3aeb6131886185d8bcf327720eddd89883125123e42cb04bc7935238e2b91a12c0a1e7fd3308bb973611832d2705b7886cc5deb74ff79
-
SSDEEP
1536:E3Srr6PLburoisC9TxSBVMxegH6/BK4BjzC0pvisNXPLvLPqphJZksgREvNXMWG:E3SrSu8iGiz0w4vVzmkscE18Coo
Malware Config
Targets
-
-
Target
JaffaCakes118_6e301fac858129220351cb9b1996df2f
-
Size
182KB
-
MD5
6e301fac858129220351cb9b1996df2f
-
SHA1
38a87bff9990b91db801ec71705eb1a814cdbde1
-
SHA256
c00b629cf4a5209abcbcdde01bddab815ac0750190467cea5616cf633c4b0530
-
SHA512
9fb136497c09100c64f3aeb6131886185d8bcf327720eddd89883125123e42cb04bc7935238e2b91a12c0a1e7fd3308bb973611832d2705b7886cc5deb74ff79
-
SSDEEP
1536:E3Srr6PLburoisC9TxSBVMxegH6/BK4BjzC0pvisNXPLvLPqphJZksgREvNXMWG:E3SrSu8iGiz0w4vVzmkscE18Coo
Score10/10-
Pony family
-
Pony,Fareit
Pony is a Remote Access Trojan application that steals information.
-
Reads data files stored by FTP clients
Tries to access configuration files associated with programs like FileZilla.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Unsecured Credentials: Credentials In Files
Steal credentials from unsecured files.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-