General

  • Target

    fa19893cbea1f8be644c303b69a2af0a_JaffaCakes118

  • Size

    2.9MB

  • MD5

    fa19893cbea1f8be644c303b69a2af0a

  • SHA1

    8ea25dbd15e2713bc81076ddc061732c4b0bc926

  • SHA256

    a4a1810371894450dcf9c0f242506aada026a0b1e425cc6a355a35fc4b82e0a9

  • SHA512

    f1e6c8c713e04786e42ecbedb0e59bc0db4b3dd0b82eba8ef226fb728500a8d16a8e9d8a18002d9c742bccb6f309fa8a99c068024a890791376c59c5199266ed

  • SSDEEP

    49152:p7duzulQx/vbDxwfIXoAxFHe9Baj8BBT4SfcsUjoh48TyMPkXdwkyZ:phP+Puf2JxFHeHau42c1joCjMPkNwk6

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • fa19893cbea1f8be644c303b69a2af0a_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

