General

  • Target

    3e7e3187fa9ba4daf323781d9d249595_JaffaCakes118

  • Size

    15KB

  • Sample

    240712-xlsx4aybkc

  • MD5

    3e7e3187fa9ba4daf323781d9d249595

  • SHA1

    1f84107c6131ddba6938da5b8b13de5e07f17038

  • SHA256

    be148e027aec352e1a0c4c01bf1722155905bc164592f218de1c0211da34e144

  • SHA512

    043b30787ba4ba51b3ebdd00853485325cad7d75b8adf5161e1020041a3060a95092c2151b68983f93d53e1f000b6e659cb5b48655b2fe277c9cb5e1be6b9906

  • SSDEEP

    384:j0NnaMKVMcAsJIqVNyS88JsMYikBbLf+Yv:j0NnaMEZDJIquS88JRwB/1v

Score
10/10

Malware Config

Extracted

Family

gozi

Targets

    • Target

      3e7e3187fa9ba4daf323781d9d249595_JaffaCakes118

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
