Overview

overview

10

Static

static

10

fb26030b51...18.exe

windows7-x64

7

fb26030b51...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb26030b510e34b87d21fa1db5faab74_JaffaCakes118

  • Size

    11.7MB

  • Sample

    240419-zqfjnsgb3x

  • MD5

    fb26030b510e34b87d21fa1db5faab74

  • SHA1

    695cb2f941a42cdb02dabb1fbe55e314e3380996

  • SHA256

    16a434154df62d4d399befd2dbcb4371aee542ed034de77edce2ee6570d4bdab

  • SHA512

    4d90d4d1f72242d251463dac6308b326dc1e7665dffa08151e5214e579900d5c99e14df3aa85a35091774bbbf433f0b1e99d225d3ef885a882533ac48b4d238b

  • SSDEEP

    196608:V4yNIY51bWCcXf3o2WCfuuoWCcXf3o2WC:egI8+ffZuuo+ff

Score
10/10
goziisfbupx

Malware Config

Extracted

Family

gozi

Targets

    • Target

      fb26030b510e34b87d21fa1db5faab74_JaffaCakes118

    • Size

      11.7MB

    • MD5

      fb26030b510e34b87d21fa1db5faab74

    • SHA1

      695cb2f941a42cdb02dabb1fbe55e314e3380996

    • SHA256

      16a434154df62d4d399befd2dbcb4371aee542ed034de77edce2ee6570d4bdab

    • SHA512

      4d90d4d1f72242d251463dac6308b326dc1e7665dffa08151e5214e579900d5c99e14df3aa85a35091774bbbf433f0b1e99d225d3ef885a882533ac48b4d238b

    • SSDEEP

      196608:V4yNIY51bWCcXf3o2WCfuuoWCcXf3o2WC:egI8+ffZuuo+ff

    Score
    7/10
    upx

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks