General
-
Target
1d3278c7061328047812fec7226fd160_JaffaCakes118
-
Size
46KB
-
Sample
240702-bc3kaa1anc
-
MD5
1d3278c7061328047812fec7226fd160
-
SHA1
bf5f2e83e455c49d26cb22c28f4af4da9b816e24
-
SHA256
c4895cbb70b519c9e553f8b16ee4eff9e8dd9a93d52379da6aa82341f3867b63
-
SHA512
bfadbbeef7da2317f7185cd685c2eeacfffeee6ba914c604f3d09d532bdee9002baccf24b3345111e3c411fa8fb60890d2e9af5cc52f8841d8ff5ea95b765ffd
-
SSDEEP
768:i977CyXuoIbxt19PVoOn7pffAlu3Ngq/IEv5hzzjyJjt5vk8wuwkaOtM:CCyXUZn9HcudgTE/zuZkLuwkaOtM
Malware Config
Extracted
gozi
Targets
-
-
Target
1d3278c7061328047812fec7226fd160_JaffaCakes118
-
Size
46KB
-
MD5
1d3278c7061328047812fec7226fd160
-
SHA1
bf5f2e83e455c49d26cb22c28f4af4da9b816e24
-
SHA256
c4895cbb70b519c9e553f8b16ee4eff9e8dd9a93d52379da6aa82341f3867b63
-
SHA512
bfadbbeef7da2317f7185cd685c2eeacfffeee6ba914c604f3d09d532bdee9002baccf24b3345111e3c411fa8fb60890d2e9af5cc52f8841d8ff5ea95b765ffd
-
SSDEEP
768:i977CyXuoIbxt19PVoOn7pffAlu3Ngq/IEv5hzzjyJjt5vk8wuwkaOtM:CCyXUZn9HcudgTE/zuZkLuwkaOtM
Score8/10-
Drops file in Drivers directory
-
Sets service image path in registry
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-