General
-
Target
fb2bdefaf3e258f99686a26372e9ed62_JaffaCakes118
-
Size
5.3MB
-
Sample
240419-zz2hhaff83
-
MD5
fb2bdefaf3e258f99686a26372e9ed62
-
SHA1
9ee367e65346e4930d834c7a7e1e351cc5169907
-
SHA256
71e931d07de2a31c166e37bccfcd1c3262b65620f2ce9dd22463a914ad9e7ee0
-
SHA512
d5cfec7c1462fba975f2d20daa48e5d152251ae5be02b985afbfb9027a61ab8621a0a6435b4bd07f894069e54c0ce1d20ab4497f19f849797781ce2e0a028950
-
SSDEEP
98304:CnQWJps4U23TrIxs0dLgRYXzQa68kN20TZ72ZQUVfgRYXzQa68k:CQeqgDrIHLgRYXzQJVwBfgRYXzQJ
Malware Config
Extracted
gozi
Targets
-
-
Target
fb2bdefaf3e258f99686a26372e9ed62_JaffaCakes118
-
Size
5.3MB
-
MD5
fb2bdefaf3e258f99686a26372e9ed62
-
SHA1
9ee367e65346e4930d834c7a7e1e351cc5169907
-
SHA256
71e931d07de2a31c166e37bccfcd1c3262b65620f2ce9dd22463a914ad9e7ee0
-
SHA512
d5cfec7c1462fba975f2d20daa48e5d152251ae5be02b985afbfb9027a61ab8621a0a6435b4bd07f894069e54c0ce1d20ab4497f19f849797781ce2e0a028950
-
SSDEEP
98304:CnQWJps4U23TrIxs0dLgRYXzQa68kN20TZ72ZQUVfgRYXzQa68k:CQeqgDrIHLgRYXzQJVwBfgRYXzQJ
Score10/10-
Gozi
Gozi is a well-known and widely distributed banking trojan.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-