General

  • Target

    f4975bd482a7f54248e3cd545d94ead3_JaffaCakes118

  • Size

    11.7MB

  • MD5

    f4975bd482a7f54248e3cd545d94ead3

  • SHA1

    989a229aa1ad3376270a1a821f9a9ac0a9f6b54e

  • SHA256

    c1e095d045d844dbcf320233f897acc65bc166c75a6350f3ec6c7156d0d8bc69

  • SHA512

    a7f2335337b9680f3fa1937ce0c07690deb82ca7b5dacc7fd2cee8ab3ecb96f0558562f86a550bc3797202421174f06d219114c50dfef652523af57a9f8e1fe5

  • SSDEEP

    196608:CIHHdoPgl/iBiPWhiVFZgl/iBiPxKyd+uPgl/iBiPWhiVFZgl/iBiP:CDP2ioFZ2iNUJ2ioFZ2i

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f4975bd482a7f54248e3cd545d94ead3_JaffaCakes118
    .exe windows:4 windows x86 arch:x86