General
Target: 08c894baef4f0fdcf263f7eeeb9a299a_JaffaCakes118
Size: 5.6MB
Sample: 240728-ewtcha1cpd
MD5: 08c894baef4f0fdcf263f7eeeb9a299a
SHA1: 2688139255bc58923d0986dfc3ef408cf7ee6cf2
SHA256: 12f0439729b1a8fa4615b19f37397cae147d62000257e3064fd5cacc18290ae1
SHA512: ba1592ea26a9941b5a08ee8866064181226828058e9f54bc02d499cb30ed4f449f06bef6bd8188e4bdafcb1e9c97a9fd6aee12f560aa34e6faba84dd13569ee0
SSDEEP: 98304:B3peTfKJlClUUsu2xfuEKslMsm11lXNhUmvj6YYdUbuN+Y0j2J8C:BZerKkUU2xf9KaYZ2rdhZ8C
Behavioral task
behavioral1
Sample
08c894baef4f0fdcf263f7eeeb9a299a_JaffaCakes118.exe
Resource
win7-20240704-en
Malware Config
Extracted
gozi
Targets
-
-
Target
08c894baef4f0fdcf263f7eeeb9a299a_JaffaCakes118
-
XMRig Miner payload
-
Legitimate hosting services abused for malware hosting/C2
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-