Overview

overview

10

Static

static

10

13b3cb819b...18.exe

windows7-x64

7

13b3cb819b...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13b3cb819b460591c27e133e93fb8661_JaffaCakes118

  • Size

    224KB

  • Sample

    240626-2dl7ssxepb

  • MD5

    13b3cb819b460591c27e133e93fb8661

  • SHA1

    33157a630a00078ac106f05ebd90feb1e61fb46d

  • SHA256

    618a75808b11fba4d1501587f2df23c6bf4094a474497a1f15fb85bbdc6cd593

  • SHA512

    d0853c6f3734ccbce7092c233c5ae582aba7ece330459b2a280199e19b7ae10fcd844307a2bb85f81b2b0d46235ca3241286740027cee157deba46b621ac43b4

  • SSDEEP

    3072:j78yHpYetDrHNsbqrf29rGHWwsMr7w2nu+PpAgxs9D/sv9Z:j78yHp9rQ85RZr0ku+cD/cZ

Score
10/10
goziisfb

Malware Config

Extracted

Family

gozi

Targets

    • Target

      13b3cb819b460591c27e133e93fb8661_JaffaCakes118

    • Size

      224KB

    • MD5

      13b3cb819b460591c27e133e93fb8661

    • SHA1

      33157a630a00078ac106f05ebd90feb1e61fb46d

    • SHA256

      618a75808b11fba4d1501587f2df23c6bf4094a474497a1f15fb85bbdc6cd593

    • SHA512

      d0853c6f3734ccbce7092c233c5ae582aba7ece330459b2a280199e19b7ae10fcd844307a2bb85f81b2b0d46235ca3241286740027cee157deba46b621ac43b4

    • SSDEEP

      3072:j78yHpYetDrHNsbqrf29rGHWwsMr7w2nu+PpAgxs9D/sv9Z:j78yHp9rQ85RZr0ku+cD/cZ

    Score
    7/10

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks