General
-
Target
79bbea0aa018d8a80dfdad737e2a8d4d_JaffaCakes118
-
Size
547KB
-
Sample
240730-x4pndsvblk
-
MD5
79bbea0aa018d8a80dfdad737e2a8d4d
-
SHA1
6fa46953bea4ffcb88a1f67b0a14716ec4f91f42
-
SHA256
afd42e8cf12186d2cac8c214f0a5788cd5b5832cc308ff0bda64123f0a9886f9
-
SHA512
a416aae513c498001fc337f36678c77fd892f071da3ddc11a6c47eb3684effab5ff7fd215c6848d553cd8fd7db8a22f1d4988b37057fc82fa7fa0c2a05310ebf
-
SSDEEP
12288:UecEEfVutWZ9dIeC9i51PTHhMV+UnCojCQFbul1r4GS4N5Dp:DKVwLyTHhQnIT4GdN
Behavioral task
behavioral1
Sample
79bbea0aa018d8a80dfdad737e2a8d4d_JaffaCakes118.exe
Resource
win7-20240708-en
Malware Config
Extracted
gozi
Extracted
gozi
Targets
-
-
Target
79bbea0aa018d8a80dfdad737e2a8d4d_JaffaCakes118
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Loads dropped DLL
-
Drops file in System32 directory
-