General
-
Target
0490ade50ff45e406d37ca916cd81631_JaffaCakes118
-
Size
11KB
-
Sample
240620-k11v2atcll
-
MD5
0490ade50ff45e406d37ca916cd81631
-
SHA1
141df525ec7d7408f44b6dd4bec45f96903e91e6
-
SHA256
7c9a748d42690c2f2e7f3018d32d3219481051719e44076c5c28c61facb81743
-
SHA512
ce8c98951a9a21ac1bafddad08ee1a9e7abd29583dade44b51c37dcf519e42792efa5de011f4d784b1a62bf4b001707dfec416e1447edca996d7faa30f4cd850
-
SSDEEP
192:OL0D3fFmJGZ+BPfqRX9IuYS47BudEQltO2OZvcYXAaww9cjBg3iQq4+9jDN0+be:OgfgJGspBqGOO2IbXAaww9uuiB4UjDif
Behavioral task
behavioral1
Sample
0490ade50ff45e406d37ca916cd81631_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0490ade50ff45e406d37ca916cd81631_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
gozi
Targets
-
-
Target
0490ade50ff45e406d37ca916cd81631_JaffaCakes118
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-