General

  • Target

    08c894baef4f0fdcf263f7eeeb9a299a_JaffaCakes118

  • Size

    5.6MB

  • Sample

    240728-ewtcha1cpd

  • MD5

    08c894baef4f0fdcf263f7eeeb9a299a

  • SHA1

    2688139255bc58923d0986dfc3ef408cf7ee6cf2

  • SHA256

    12f0439729b1a8fa4615b19f37397cae147d62000257e3064fd5cacc18290ae1

  • SHA512

    ba1592ea26a9941b5a08ee8866064181226828058e9f54bc02d499cb30ed4f449f06bef6bd8188e4bdafcb1e9c97a9fd6aee12f560aa34e6faba84dd13569ee0

  • SSDEEP

    98304:B3peTfKJlClUUsu2xfuEKslMsm11lXNhUmvj6YYdUbuN+Y0j2J8C:BZerKkUU2xf9KaYZ2rdhZ8C

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  Note that the extracted configuration is attributed to the Gozi family while the behavioural signatures below match an XMRig miner payload; treat the family tag as one indicator to be confirmed, not as the final classification of this sample.

Targets

    • Target

      08c894baef4f0fdcf263f7eeeb9a299a_JaffaCakes118

      (5.6MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General above)

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU cryptocurrency miner; bundled inside an unsolicited executable it indicates cryptojacking.

    • XMRig Miner payload

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun to spread to other hosts via removable or attached volumes.
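Two of the signatures above, the UPX packing and the dropped autorun.inf, can be checked statically before the sample is ever executed. The script below is an added example written for this page, not code from the sandbox or from the sample. It assumes the stock UPX layout (section names beginning with UPX and the "UPX!" marker), which a modified UPX build may rename or strip, so a negative result does not rule out packing; the header-only PE and the autorun.inf text it runs on are constructed test inputs, since the report does not show the dropped file's contents.

```python
"""Static triage checks for UPX packing and autorun.inf launch keys.
Added example; not part of the sandbox report or the sample."""
import struct

# Stock UPX writes UPX0/UPX1 section names and a "UPX!" marker.  Modified
# builds often rename these, so treat both as hints (assumption: stock UPX).
UPX_SECTION_PREFIX = "UPX"
UPX_MARKER = b"UPX!"


def pe_section_names(data: bytes) -> list:
    """Walk the PE headers and return the section names in table order."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                          # COFF file header, 20 bytes
    if len(data) < coff + 20:
        raise ValueError("truncated COFF header")
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size                 # section table after optional header
    names = []
    for i in range(num_sections):
        raw = data[table + i * 40: table + i * 40 + 8]   # IMAGE_SECTION_HEADER.Name
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def detect_upx(data: bytes) -> dict:
    """Report UPX indicators: UPX-named sections and the 'UPX!' marker."""
    names = pe_section_names(data)
    upx_sections = [n for n in names if n.upper().startswith(UPX_SECTION_PREFIX)]
    marker = UPX_MARKER in data
    return {
        "sections": names,
        "upx_sections": upx_sections,
        "upx_marker": marker,
        "packed": bool(upx_sections) or marker,
    }


def autorun_launch_commands(text: str) -> list:
    """Return (key, command) pairs from an autorun.inf that launch a program.

    Launching keys in the [autorun] section: open=, shellexecute=, and
    shell\\<verb>\\command=.  Icon/label keys are ignored.
    """
    found, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            continue
        if section != "autorun" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        k = key.lower()
        if k in ("open", "shellexecute") or (k.startswith("shell\\") and k.endswith("\\command")):
            found.append((key, value))
    return found


def build_minimal_pe(section_names, trailer: bytes = b"") -> bytes:
    """Construct a header-only PE (not runnable) with the given section names.

    Constructed test input for exercising the parser offline.
    """
    dos = bytearray(b"MZ" + b"\0" * 62)
    struct.pack_into("<I", dos, 0x3C, len(dos))  # e_lfanew: PE sig right after DOS header
    opt = b"\0" * 224                            # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, len(opt), 0x0102)
    table = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + opt + table + trailer


# Constructed autorun.inf in the shape such droppers write; the report does
# not show the sample's real dropped file.
SAMPLE_AUTORUN_INF = r"""
; constructed example
[autorun]
icon=setup.ico
open=RECYCLER\update.exe
shell\open\command=RECYCLER\update.exe
shell\explore\command=RECYCLER\update.exe
shell=open
"""

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:   # e.g. the sample after hash verification
            print(detect_upx(fh.read()))
    else:
        print(detect_upx(build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"], UPX_MARKER)))
        print(autorun_launch_commands(SAMPLE_AUTORUN_INF))
```

Run it with the sample path as the only argument to get the UPX verdict; with no argument it exercises both checks on the constructed inputs. Because the section-name and marker checks are trivially defeated by a renamed UPX build, pair them with a section-entropy measurement or a proper unpacking attempt before concluding a file is not packed.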

MITRE ATT&CK Enterprise v15

Tasks