General

  • Target

    c68bc4b4494c7b4b1c75525a3e7af20a_JaffaCakes118

  • Size

    2.9MB

  • MD5

    c68bc4b4494c7b4b1c75525a3e7af20a

  • SHA1

    c257088a64b9f1759d161d7232fb6f7b8abb5ffe

  • SHA256

    82e29e0e39af8319cd9a8e454c1712f017460cb4d959286681b57aae0b74c932

  • SHA512

    19bbc38961c017bf7bf2dda5322d25769be7680f9d95646a211e63e501c5e798bc9c917cdc79571cfeedf81966e964fefeca03a21bd14ebf5932855cb5a85729

  • SSDEEP

    49152:nwJ+vL6syajqoltXB5bKycvd2zi4cP4M338dB2IBlGuuDVUsdxxjeQZwxPYRKs:n6meaPXfKT8lcgg3gnl/IVUs1jePs

Score
10/10

Malware Config

Extracted

  • Family

    gozi

Signatures

  • Gozi family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • c68bc4b4494c7b4b1c75525a3e7af20a_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

