General
-
Target
25a27d247432fe9f84eee3ebfca5f72a_JaffaCakes118
-
Size
606KB
-
Sample
240329-sws9dsbd8y
-
MD5
25a27d247432fe9f84eee3ebfca5f72a
-
SHA1
e3331a019577644518fcf397c0f8dbb3be3bbb02
-
SHA256
dd28953551dfccf038a501dbf06b7d87e6fd5ec99edfb0d78da1603d026e3d84
-
SHA512
281207d7e5534b2c25b86a997a54feb4b8b069a5048e426bb1c62c087877e4ce7f46942789c9402ad6b3cb1a64d4d2bea4cf9aed5cdf3b55bc2d813447cc38ec
-
SSDEEP
12288:m8dajLSIFcqRfyo4Tq89UtoM+YD3h0QYDpnynKZ0febiP+eMq6FiIa5zrg:ioqpyo4TqmUtoMapy60feeQiIY
Static task
static1
Behavioral task
behavioral1
Sample
25a27d247432fe9f84eee3ebfca5f72a_JaffaCakes118.dll
Resource
win7-20231129-en
Malware Config
Extracted
gozi
5566
outlook.com
peajame.com
gderrrpololo.net
-
base_path
/glik/
-
build
250211
-
dga_season
10
-
exe_type
loader
-
extension
.lwe
-
server_id
12
Targets
-
-
Target
25a27d247432fe9f84eee3ebfca5f72a_JaffaCakes118
-
Blocklisted process makes network request
-