gozi | dd3ca0ab292cef0f2075031ceabee92002a4f0bb34e37f4518fc88047f4743ff | Triage

Submit
Reports

Overview

overview

Static

static

c971021b0d...18.exe

windows7-x64

7

c971021b0d...18.exe

windows10-2004-x64

7

Sharing

General

Target

c971021b0d4d8a5f87e0dbd698dd12bd_JaffaCakes118
Size

14KB
Sample

241205-z5fg8aynfn
MD5

c971021b0d4d8a5f87e0dbd698dd12bd
SHA1

995f7814856df1226de3143a3edf4483d0d6d0fc
SHA256

dd3ca0ab292cef0f2075031ceabee92002a4f0bb34e37f4518fc88047f4743ff
SHA512

072123545ae17610d27a8c4493de6779827360a9507f46c085152b4800b81c1e4d4acfbddf0baf3a8415f41114d181e7d2817678b9b8477262fbd3776fad79a8
SSDEEP

192:f6CUE6u82EfdYLglIS+RJ9XYHdO5SNrh6KBMUOmOzzLcmrajhjkJ:f6o6uFmdY8lJQJ9XYHQ5S9cKImfwaGJ

Score

10^/10

gozi discovery isfb upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c971021b0d4d8a5f87e0dbd698dd12bd_JaffaCakes118.exe

Resource

win7-20240903-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

c971021b0d4d8a5f87e0dbd698dd12bd_JaffaCakes118.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  c971021b0d4d8a5f87e0dbd698dd12bd_JaffaCakes118
- Size
  
  14KB
- MD5
  
  c971021b0d4d8a5f87e0dbd698dd12bd
- SHA1
  
  995f7814856df1226de3143a3edf4483d0d6d0fc
- SHA256
  
  dd3ca0ab292cef0f2075031ceabee92002a4f0bb34e37f4518fc88047f4743ff
- SHA512
  
  072123545ae17610d27a8c4493de6779827360a9507f46c085152b4800b81c1e4d4acfbddf0baf3a8415f41114d181e7d2817678b9b8477262fbd3776fad79a8
- SSDEEP
  
  192:f6CUE6u82EfdYLglIS+RJ9XYHdO5SNrh6KBMUOmOzzLcmrajhjkJ:f6o6uFmdY8lJQJ9XYHQ5S9cKImfwaGJ
Score

7^/10

discovery upx
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy