Behavioral task: behavioral1
Sample: 29c545ba1f249f576458ac3657b6b2af_JaffaCakes118.exe
Resource: win7-20240221-en
General
Target: 29c545ba1f249f576458ac3657b6b2af_JaffaCakes118
Size: 2.3MB
MD5: 29c545ba1f249f576458ac3657b6b2af
SHA1: ab2f18e51018262ed2665bc25f4fbe35964dd41e
SHA256: f04f24441f43eba63d208a3c21c0430a6f47d1c1de095f110d991538a932d76d
SHA512: 085ca252e7cc3d754067b880caa6424d9af1618bc7f313b8fc8e83cb129b0d68a31602264298084b03b9157bdc1efda92df2ade5ef77ecd5ee1fdd8c850854a8
SSDEEP: 49152:IjcIy78sbMPDcikCtWOMsrQsDSjVe2ITkQ57gq99LZ6ZrmcMM:I7y78XDqCNM1s+5epeq9BZ6IcMM
Malware Config
Extracted
gozi
Signatures
Files
29c545ba1f249f576458ac3657b6b2af_JaffaCakes118.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE