General
-
Target
9e67e68ddbedba865b91b5469ab642ef_JaffaCakes118
-
Size
701KB
-
Sample
240403-dlmarsee36
-
MD5
9e67e68ddbedba865b91b5469ab642ef
-
SHA1
f2c7b0735343081be06e48616d0fc14235a28744
-
SHA256
41c0934ba1be030dbae45893107f6a2ae5f99c79d7634626263cdf809f7556ee
-
SHA512
802d983ca7ca04ae737da69ed5772eece8f408c6c02c8d0c42cfea1c1abf25236b02c35c09d56f3ba6a229b3b71f72fa3d4c6735c8670c76affdbbc139b63d87
-
SSDEEP
12288:aUAQSxl6fDEr8Np6b/rPPsjosrS9aEoe+0JCym+4YJAOSVUNcuHIGF4uW/XrGAsV:az3xl6fq8Np6bTPPaBreaZlYCOSVol2a
Static task
static1
Behavioral task
behavioral1
Sample
9e67e68ddbedba865b91b5469ab642ef_JaffaCakes118.dll
Resource
win7-20240319-en
Malware Config
Extracted
gozi
8899
msn.com/mail
breuranel.website
outlook.com/signup
areuranel.website
-
base_path
/liopolo/
-
build
260212
-
dga_season
10
-
exe_type
loader
-
extension
.jre
-
server_id
12
Targets
-
-
Target
9e67e68ddbedba865b91b5469ab642ef_JaffaCakes118
-
Blocklisted process makes network request
-