gozi | ca2e70225952e6aeb99cf6fb13676d6c7fabaf827f1872a8d550db9e14ce49be | Triage

Sharing

General

Target

JaffaCakes118_1ccc4b50a35fffe6d4adc67edcd66ea0
Size

33KB
Sample

250222-2xrxds1jax
MD5

1ccc4b50a35fffe6d4adc67edcd66ea0
SHA1

ae59b4d3dc097d076a25babf69fd42949be1ea78
SHA256

ca2e70225952e6aeb99cf6fb13676d6c7fabaf827f1872a8d550db9e14ce49be
SHA512

48ba8a1f890ad69d06d7bcabfb44c33e4f03ad90fc4706abb2d6ece26996aa31831fa2cf18c7200ca696542ce0485bc34d925a2f65ce1d7091f58e8e5241b78d
SSDEEP

384:1+a+qRDRFHXU9Kceb4or+EikMRTHV0lTEZEEZeaCfmDsFI3:+qhRJczy+EixTHV0lgZLe/MsFk

Score

10^/10

gozi discovery isfb

Malware Config

Extracted

Family

gozi

Targets

- Target
  
  JaffaCakes118_1ccc4b50a35fffe6d4adc67edcd66ea0
- Size
  
  33KB
- MD5
  
  1ccc4b50a35fffe6d4adc67edcd66ea0
- SHA1
  
  ae59b4d3dc097d076a25babf69fd42949be1ea78
- SHA256
  
  ca2e70225952e6aeb99cf6fb13676d6c7fabaf827f1872a8d550db9e14ce49be
- SHA512
  
  48ba8a1f890ad69d06d7bcabfb44c33e4f03ad90fc4706abb2d6ece26996aa31831fa2cf18c7200ca696542ce0485bc34d925a2f65ce1d7091f58e8e5241b78d
- SSDEEP
  
  384:1+a+qRDRFHXU9Kceb4or+EikMRTHV0lTEZEEZeaCfmDsFI3:+qhRJczy+EixTHV0lgZLe/MsFk
Score

7^/10

discovery
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2