Extracted

• • Target

    JaffaCakes118_0cddf4f7838316b3bda3b1908a67a665

  • Size

    119KB

  • MD5

    0cddf4f7838316b3bda3b1908a67a665

  • SHA1

    dda0b1ce4cce4a5774f424b254fe6204c6f9a909

  • SHA256

    a77434b524d87cfecf3418fa0fb68648ee12bb74448387f6635093c775ef4099

  • SHA512

    2bba8507ef8f688c4e8b0c41eb4d0c5fc01a3db23648586aebc9ed681061aaef16dc317fdaf2a80c57573b237b2dad9aadbf8d9527b88d5c9cac67c786a18884

  • SSDEEP

    1536:Eu3ddIR7taQdTXuvxlDSOg/Tv3eHKCEijn3iS7xcPm5qitGt66B7nsaLGlGXe6:NylYlDSOuTfiLX7OPmJGt667ngSe6

  Score

  10^/10

  ponycredential_accessdiscoveryratspywarestealer

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2