General

  • Target

    6964ed8c97d823a92e2386e981c6570d_JaffaCakes118

  • Size

    2.9MB

  • MD5

    6964ed8c97d823a92e2386e981c6570d

  • SHA1

    9733a2c07cb92613a86a1d6fa454fbb1c87eb8a0

  • SHA256

    48f42071aa5d1054ce42b0f572766702d1758166384d2fa1842519d8fc6d567a

  • SHA512

    5994ee5666c0d8e94b9c93f28e245c1b2961c87ed5985c09072da0200b897459e4d788c26e2660a42717dd2c9434b977f4c11403aeac928761c435bf625cec5f

  • SSDEEP

    49152:0I/HvMAiga2kqXwGz+1wrbKGJ2ype7zzBmiAWjk4Gust1it7uZSX:R/Xid2jX7yQZiLJA2kBjt1M7vX

Score
10/10

Malware Config

Extracted

Family

gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 6964ed8c97d823a92e2386e981c6570d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

