Overview

overview

10

Static

static

10

fa57ad5c56...18.dll

windows7-x64

1

fa57ad5c56...18.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa57ad5c56f24fc4ba32cda68593719a_JaffaCakes118

  • Size

    242KB

  • Sample

    240419-p6t2wsda54

  • MD5

    fa57ad5c56f24fc4ba32cda68593719a

  • SHA1

    96c78dc7e5b8a8e2513751b20a23ae66bac61717

  • SHA256

    092cdea0582922baed708364cc094bf25f6fda8ba38fcc6d8f20e598ceb186dd

  • SHA512

    0e0f9a54bebadb5e8971ee7ed89f15fb64cddf0e9e3affebe783e80b2103dc6429c80ff7c0d82af8f08e3154c01c43f97762c636fd5c9eaddacd77edf5884a43

  • SSDEEP

    6144:tmnZO0GDlypHAT/cxkDyPFXkfh+3m33c5TWjak4SvS83x4:tMZOrEpHAT/cLPF0Im3s5TWjaCK86

Score
10/10
gozi2500isfb

Malware Config

Extracted

Family

gozi

Botnet

2500

C2

art.microsoftsofymicrosoftsoft.at

apr.intoolkom.at

r23cirt55ysvtdvl.onion

gta5.fifatalk.at

pop.biopiof.at

l46t3vgvmtx5wxe6.onion

v10.avyanok.com

free.monotreener.com

sam.fafona.at
Attributes
  • exe_type

    worker

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      fa57ad5c56f24fc4ba32cda68593719a_JaffaCakes118

    • Size

      242KB

    • MD5

      fa57ad5c56f24fc4ba32cda68593719a

    • SHA1

      96c78dc7e5b8a8e2513751b20a23ae66bac61717

    • SHA256

      092cdea0582922baed708364cc094bf25f6fda8ba38fcc6d8f20e598ceb186dd

    • SHA512

      0e0f9a54bebadb5e8971ee7ed89f15fb64cddf0e9e3affebe783e80b2103dc6429c80ff7c0d82af8f08e3154c01c43f97762c636fd5c9eaddacd77edf5884a43

    • SSDEEP

      6144:tmnZO0GDlypHAT/cxkDyPFXkfh+3m33c5TWjak4SvS83x4:tMZOrEpHAT/cLPF0Im3s5TWjaCK86

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks