General
-
Target
07539fbae4f0506bb52e86f7fc5dd695_JaffaCakes118
-
Size
6.4MB
-
Sample
240728-dz3vnsyflg
-
MD5
07539fbae4f0506bb52e86f7fc5dd695
-
SHA1
0cff35def432dca04a4ec9026487727582f1be50
-
SHA256
49e5353bb73ca1af61934b468981ba6d35d6dcbf9bcc4c96b0ae39ddcab8ce0d
-
SHA512
d1f1373cd6f7d9939003e32b68fc9e132c7c57722accb907f5ebbea39d6af4557602cd6bd3fac3cc0815a96685fa3587b40036899c83c61a78eaefe249d8a838
-
SSDEEP
98304:o7+akjAyFdm5suUjui/GRW4Y4HBKL/vaAjkq9FWL79k:4+aknuUXEW4YKQaKkOWLpk
Behavioral task
behavioral1
Sample
07539fbae4f0506bb52e86f7fc5dd695_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
gozi
Targets
-
-
Target
07539fbae4f0506bb52e86f7fc5dd695_JaffaCakes118
-
XMRig Miner payload
-
Legitimate hosting services abused for malware hosting/C2
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-