General
Target: dce10e2eaf5ff6675f79dafc870da0cd_JaffaCakes118
Size: 606KB
Sample: 240406-gkv33aca9z
MD5: dce10e2eaf5ff6675f79dafc870da0cd
SHA1: 7bcb07ecca4b540c17b4a9a6192b78d2212c117d
SHA256: 5c0d5dbdcefeb286689dc07a6a0a405a491e1ccb31cf4b945a245370ace5747a
SHA512: d9197778e5d0a766defc504178666d384678893b85a69712df9aa3b7c379f4f0c570afd3246c817640cec9d149cf0a49cc2682ca627d1cb98ec193057f1ed869
SSDEEP: 12288:/8dajLSIFcqRfyo4Tf89UtoM+YD3h0QYDpnynKZ0febiL+eMq6FiIaRzrg:Roqpyo4TfmUtoMapy60feKQiI4
Static task: static1
Behavioral task: behavioral1
Sample: dce10e2eaf5ff6675f79dafc870da0cd_JaffaCakes118.dll
Resource: win7-20240221-en
Malware Config
Extracted
gozi
5566
outlook.com
peajame.com
gderrrpololo.net
base_path: /glik/
build: 250211
dga_season: 10
exe_type: loader
extension: .lwe
server_id: 12
Targets
Target: dce10e2eaf5ff6675f79dafc870da0cd_JaffaCakes118
Blocklisted process makes network request