General
Target: fcb53acd5fd1637a2ac1bc69f396e92c_JaffaCakes118
Size: 256KB
Sample: 240420-nz8q2aga87
MD5: fcb53acd5fd1637a2ac1bc69f396e92c
SHA1: a09432a56375c5a39856d59e402c3f8642edda7b
SHA256: cc7045d9fe77c4aa4cb646d01fb4700008a34f58f49358d0b0b0997d21016aab
SHA512: 47bcd8326a65b2a50ee7a9691853c6a6d6a424ad4e0a7760794aa20c137450017793ed9756302666b6b1aed93048d879395a6fde2c95f9b9fc67ca4bd6e38116
SSDEEP: 3072:eb/VDsMK5SdPlKCXbkB9Kv1y5Gun6XKwRDcXEX55d2wNQ+XnwEf4bvuQ5OjrDGZt:WCoMRt6XKUSRACdOj57jY5jM9H8eGN
Static task: static1
Behavioral task: behavioral1
Sample: fcb53acd5fd1637a2ac1bc69f396e92c_JaffaCakes118.dll
Resource: win7-20240221-en
Malware Config
Extracted
gozi
7412
signin.microsoft.com
aaaa.bar
cccc.casa
wwwww.bar
base_path: /jdraw/
build: 250211
dns_servers: 107.174.86.134, 107.175.127.22
exe_type: loader
extension: .crw
server_id: 12