Overview

overview

10

Static

static

10

f67b75a0b0...18.exe

windows7-x64

7

f67b75a0b0...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f67b75a0b06fb4136490a4a0b527244f_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240417-xyzamsbd75

  • MD5

    f67b75a0b06fb4136490a4a0b527244f

  • SHA1

    d707e7e34eba984a9e9ab4f0fbcdf70bc53e8cbd

  • SHA256

    4d31f6f9a846c99c6506a6d87ec8ad2bcc61219cb6927ad41961c3c89a62fddf

  • SHA512

    8b6ac45c606e9342d811f3b64f58d333c679c845695b26a95dbfd5c5b4759709f8b38646ae9079cdea7bbd05cfa20e8eb76a73ecfe5615b4df05d018d79e39f0

  • SSDEEP

    49152:KI2uPkn5zTHEznnIQ7PNo1USGmBuP2OfUM4+RW6WLM1VxZd:KI25nN7EbICm1TtQjhM6WINZd

Score
10/10
goziisfbupx

Malware Config

Extracted

Family

gozi

Targets

    • Target

      f67b75a0b06fb4136490a4a0b527244f_JaffaCakes118

    • Size

      2.9MB

    • MD5

      f67b75a0b06fb4136490a4a0b527244f

    • SHA1

      d707e7e34eba984a9e9ab4f0fbcdf70bc53e8cbd

    • SHA256

      4d31f6f9a846c99c6506a6d87ec8ad2bcc61219cb6927ad41961c3c89a62fddf

    • SHA512

      8b6ac45c606e9342d811f3b64f58d333c679c845695b26a95dbfd5c5b4759709f8b38646ae9079cdea7bbd05cfa20e8eb76a73ecfe5615b4df05d018d79e39f0

    • SSDEEP

      49152:KI2uPkn5zTHEznnIQ7PNo1USGmBuP2OfUM4+RW6WLM1VxZd:KI25nN7EbICm1TtQjhM6WINZd

    Score
    7/10
    upx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks