Overview

overview

10

Static

static

10

f4975bd482...18.exe

windows7-x64

7

f4975bd482...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f4975bd482a7f54248e3cd545d94ead3_JaffaCakes118

  • Size

    11.7MB

  • MD5

    f4975bd482a7f54248e3cd545d94ead3

  • SHA1

    989a229aa1ad3376270a1a821f9a9ac0a9f6b54e

  • SHA256

    c1e095d045d844dbcf320233f897acc65bc166c75a6350f3ec6c7156d0d8bc69

  • SHA512

    a7f2335337b9680f3fa1937ce0c07690deb82ca7b5dacc7fd2cee8ab3ecb96f0558562f86a550bc3797202421174f06d219114c50dfef652523af57a9f8e1fe5

  • SSDEEP

    196608:CIHHdoPgl/iBiPWhiVFZgl/iBiPxKyd+uPgl/iBiPWhiVFZgl/iBiP:CDP2ioFZ2iNUJ2ioFZ2i

Score
10/10
upxisfbgozi

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
    gozi
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • f4975bd482a7f54248e3cd545d94ead3_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections