General

  • Target

    3a5aa3983dbf407362ed071207b7aac6_JaffaCakes118

  • Size

    2.9MB

  • MD5

    3a5aa3983dbf407362ed071207b7aac6

  • SHA1

    e3f622ec6eb7183e574f4ed4285f68402f2e666b

  • SHA256

    6b0b2006fb5f274b20bfc6573c03bfd72cc10ca0611a138dc5f5c85fd0fcde6c

  • SHA512

    1adea04858b8ca8a36ea01e3a7a48d7f30dacf74cdb41e498e304620f62ce381a60b29c3953f8e82a24bf71db812a5cd3c5d17bcc338cce2e9aaf0525e21cdcd

  • SSDEEP

    49152:pDCjTrqzltctc27FtqyVjOpe0DKRP4M338dB2IBlGuuDVUsdxxjeQZwxPYRKs:pDYGsc2KyVUIgg3gnl/IVUs1jePs

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3a5aa3983dbf407362ed071207b7aac6_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

