General

  • Target

    JaffaCakes118_c731dcecf223e70b090a382243fb1673

  • Size

    92KB

  • Sample

    250119-n7x99sxkbm

  • MD5

    c731dcecf223e70b090a382243fb1673

  • SHA1

    648787e8fc11dfb238494d1246b5d6aeda76ad94

  • SHA256

    2893414729b99df78bfbed0b2f77cce9a24188034dc1ba13b509521fb8300d77

  • SHA512

    9ba316fe6b71c65d5c50658123a2702204f9ae279d79fa57130349b1a7683045a7fcad29b977f23317b8f109ef353ed976443beabd7e26fcc64af2a9ef504a3e

  • SSDEEP

    1536:4iCIG1SWOsV1EG386g0kfkZB2R/20DsiqOvaohBGsmDbZ9T4mHZRsfu/NERmhzeT:44kS3SPsgJBs+8vaoLGsmR9T4eZRJEgu

Targets

    • Target

      JaffaCakes118_c731dcecf223e70b090a382243fb1673

    • Pony family

    • Pony,Fareit

      Pony is a Remote Access Trojan application that steals information.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
