General
Target: f99497128b2306c71806f8290cdcd0b3_JaffaCakes118
Size: 14KB
Sample: 240419-fvw8faaf9x
MD5: f99497128b2306c71806f8290cdcd0b3
SHA1: e2ac260d6329fc4f20c343aca73023de88a523e0
SHA256: cb215014f6bf97e1e48c57964e2f66b26f5aa24dc91760c06618a74b1feee118
SHA512: 67f1dcbfb7091d0ab7b55812241d909b6c1ea4b50698fe6b789b5df99f9cd0aa193e167c36cb6e7013c13b74b69c8d37117d68cea4e88802a2e6c4d0c80a762c
SSDEEP: 192:zawE9e6BACdbQstv7U8vAzN7aVD1xWdj7cEhvM5I21PN1PYIm4bT6aImYpTMmP2:zd/wbp8z4Kd/cEhvMfaIhqoCTJAzM
Behavioral task: behavioral1
Sample: f99497128b2306c71806f8290cdcd0b3_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted: gozi
Targets
Modifies AppInit DLL entries
Deletes itself
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory