gozi | 48f42071aa5d1054ce42b0f572766702d1758166384d2fa1842519d8fc6d567a | Triage

Submit
Reports

Overview

overview

Static

static

6964ed8c97...18.exe

windows7-x64

7

6964ed8c97...18.exe

windows10-2004-x64

7

Sharing

General

Target

6964ed8c97d823a92e2386e981c6570d_JaffaCakes118
Size

2.9MB
Sample

241022-hq759avenk
MD5

6964ed8c97d823a92e2386e981c6570d
SHA1

9733a2c07cb92613a86a1d6fa454fbb1c87eb8a0
SHA256

48f42071aa5d1054ce42b0f572766702d1758166384d2fa1842519d8fc6d567a
SHA512

5994ee5666c0d8e94b9c93f28e245c1b2961c87ed5985c09072da0200b897459e4d788c26e2660a42717dd2c9434b977f4c11403aeac928761c435bf625cec5f
SSDEEP

49152:0I/HvMAiga2kqXwGz+1wrbKGJ2ype7zzBmiAWjk4Gust1it7uZSX:R/Xid2jX7yQZiLJA2kBjt1M7vX

Score

10^/10

gozi discovery isfb upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

6964ed8c97d823a92e2386e981c6570d_JaffaCakes118.exe

Resource

win7-20240708-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

6964ed8c97d823a92e2386e981c6570d_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  6964ed8c97d823a92e2386e981c6570d_JaffaCakes118
- Size
  
  2.9MB
- MD5
  
  6964ed8c97d823a92e2386e981c6570d
- SHA1
  
  9733a2c07cb92613a86a1d6fa454fbb1c87eb8a0
- SHA256
  
  48f42071aa5d1054ce42b0f572766702d1758166384d2fa1842519d8fc6d567a
- SHA512
  
  5994ee5666c0d8e94b9c93f28e245c1b2961c87ed5985c09072da0200b897459e4d788c26e2660a42717dd2c9434b977f4c11403aeac928761c435bf625cec5f
- SSDEEP
  
  49152:0I/HvMAiga2kqXwGz+1wrbKGJ2ype7zzBmiAWjk4Gust1it7uZSX:R/Xid2jX7yQZiLJA2kBjt1M7vX
Score

7^/10

discovery upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy