Overview

overview

10

Static

static

10

01d06f85fc...18.exe

windows7-x64

7

01d06f85fc...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01d06f85fce63444c3563fe3bd20c004_JaffaCakes118

  • Size

    100KB

  • Sample

    240622-m5ymksvgka

  • MD5

    01d06f85fce63444c3563fe3bd20c004

  • SHA1

    c4192f0994d5b9a5efd18e9a697dcf78cc092c0d

  • SHA256

    bd11592557d2dba4e2cc5cdfdbc61cba64735ae01050db58557e2281389512a0

  • SHA512

    0846b6e70c32fa21bae9f8eb05cd4d1dadb8f806baafeb27a19ea2ce44ec2d3cc3184925628ca4132a2e83e6c5f914db72c84cf71fbf448997d84bc69a553e1a

  • SSDEEP

    1536:ugResSzjBEY7AmycmyTOOiq7NPsS5A9M3jj+kEPDKgf:t3S/CY7GQT9iqx0XYg7/

Score
10/10
goziisfb

Malware Config

Extracted

Family

gozi

Targets

    • Target

      01d06f85fce63444c3563fe3bd20c004_JaffaCakes118

    • Size

      100KB

    • MD5

      01d06f85fce63444c3563fe3bd20c004

    • SHA1

      c4192f0994d5b9a5efd18e9a697dcf78cc092c0d

    • SHA256

      bd11592557d2dba4e2cc5cdfdbc61cba64735ae01050db58557e2281389512a0

    • SHA512

      0846b6e70c32fa21bae9f8eb05cd4d1dadb8f806baafeb27a19ea2ce44ec2d3cc3184925628ca4132a2e83e6c5f914db72c84cf71fbf448997d84bc69a553e1a

    • SSDEEP

      1536:ugResSzjBEY7AmycmyTOOiq7NPsS5A9M3jj+kEPDKgf:t3S/CY7GQT9iqx0XYg7/

    Score
    7/10

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks