General

  • Target

    JaffaCakes118_672152ad8c189380349edef856289cdd

  • Size

    13KB

  • Sample

    250311-y6djkstmx9

  • MD5

    672152ad8c189380349edef856289cdd

  • SHA1

    34ed78c3decf5cec41695fb019bb7d971c304258

  • SHA256

    2f54807cceeb81f637cb647eeaaa37514a90c61b5e5d7c01a76e6c849cdb6444

  • SHA512

    09eee3d4a4531d5da2522a71882212b36fd91c0f343e0597ce0f8b418b376e50aa3a5410ac8adeeaaec1e5cdc8d1875757e3dfd5de95dc673982ef291e71bc03

  • SSDEEP

    384:50DmzaUBecFjRpSzqPng1mwGZla68KwrAh7SOnP/:50PUhRCm1qKiAZSOn

Score
10/10

Malware Config

Extracted

Family

gozi

Targets

    • Target

      JaffaCakes118_672152ad8c189380349edef856289cdd

    • Size

      13KB

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
