Extracted

• • Target

    JaffaCakes118_46dca9d80b3016095a51acac748584e4

  • Size

    139KB

  • MD5

    46dca9d80b3016095a51acac748584e4

  • SHA1

    4915f6e5d68c6d22b785f7fa8bd879b1fb3bc50f

  • SHA256

    5f35569da5317c051feca31973b10c64a8b7bc9a967f20dabfe5176bd5612af8

  • SHA512

    925b469b70c7bb144800646080f134146c3141413b09e898baa4f44a37dded3efd9eaed7b37147dba7e27f1749c6a63ea71e26deffc4548305c046584e987edb

  • SSDEEP

    3072:I3CnlHa5rS831H4tmBLLo19zkbUAhRG8S+Hcpv3jQy9uLP:aulHa5rS831HHBLc1fQRGeHcd3jB9uLP

  Score

  10^/10

  ponycredential_accessdiscoveryratspywarestealer

  • Pony family

    pony

  • Pony,Fareit

    Pony is a Remote Access Trojan application that steals information.

    ratspywarestealerpony

  • Reads data files stored by FTP clients

    Tries to access configuration files associated with programs like FileZilla.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Unsecured Credentials: Credentials In Files

    Steal credentials from unsecured files.

    credential_accessstealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery
  behavioral1behavioral2