General
Target: 19cf0f1a01aa4b001c0baf172952b363_JaffaCakes118
Size: 2.0MB
Sample: 240628-mnjr4axenq
MD5: 19cf0f1a01aa4b001c0baf172952b363
SHA1: 2806a09099abe39de1b68a9c66a28bb9ff971e5e
SHA256: 2a64d3c1b9a873379dab9ef3c4a4236529940d2a3d8182126cdcfaba6ad72fb3
SHA512: c5646551ecdf5ccb84e9017c8a8aa090ff0ec2fff106c398240f012bd442909b0b6b0986dd54b632102ccf198885bcf354ecdf441e108c04f8b404140e04da49
SSDEEP: 49152:/yVkwXM83xZ8ML430uyS/BuoZj/s+4CW3/scFE:/yVxXJx40uXpS3Ux
Static task: static1
Behavioral task: behavioral1
Sample: 19cf0f1a01aa4b001c0baf172952b363_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Extracted
gozi
Targets
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory