General
-
Target
85865e048183849b255c92e609a5fa25_JaffaCakes118
-
Size
137KB
-
Sample
240810-k2565sxfjh
-
MD5
85865e048183849b255c92e609a5fa25
-
SHA1
1b57eb997e7dd89ead0ba07c1df49d7596d9b4e4
-
SHA256
44e16f5ea1d1278346023d64f752003318b89dde6c4bef2e6391d0a1889fca7d
-
SHA512
c269089c733139d3723cc40093e9cb827e627052affa6aceb9c92bdec734b282d6b0645011202cb987f14dd2aa7d118556711566abecd3aa345369dd8c64e3fd
-
SSDEEP
3072:gn/jDWo22LEvQFZFAow6gyLJmD6SIAvsM5aw2:S/jrPO6jJmFDe
Behavioral task
behavioral1
Sample
85865e048183849b255c92e609a5fa25_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
85865e048183849b255c92e609a5fa25_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
gozi
Targets
-
Target
85865e048183849b255c92e609a5fa25_JaffaCakes118
-
Score
8/10
-
Server Software Component: Terminal Services DLL
-
Loads dropped DLL
-
Drops file in System32 directory
-