General
-
Target
7f6b5ac84cc94d81a7f7ca2dfe078f66_JaffaCakes118
-
Size
667KB
-
Sample
240801-grhfjsvhrp
-
MD5
7f6b5ac84cc94d81a7f7ca2dfe078f66
-
SHA1
80fb55808a563cec68d4f5b565dec7943aae85e9
-
SHA256
48715d5a940ee89fefba1cb8dbfafdcfed3c9258073c511770ff9324b69c5750
-
SHA512
c729a355c2e93b8a0e775d141fbaa2257e7e394fb7fc381a3ddfa2803f09cc035bf3130c263da5bf7d6ea22ca881a689054e7d59a73db7c05036bfa2d48b6692
-
SSDEEP
12288:uxsbzgQj68qJ7ce4/wrI8U8Bl2HHE7lxauBswgavoSpW2JY:oOzgPloebrISvQMh6wjTW4
Behavioral task
behavioral1
Sample
7f6b5ac84cc94d81a7f7ca2dfe078f66_JaffaCakes118.exe
Resource
win7-20240729-en
Malware Config
Extracted
gozi
Targets
-
-
Target
7f6b5ac84cc94d81a7f7ca2dfe078f66_JaffaCakes118
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-