General

  • Target

    491cae6d0db3fe37324d252588ab32ce_JaffaCakes118

  • Size

    204KB

  • Sample

    240516-czfjpsgf74

  • MD5

    491cae6d0db3fe37324d252588ab32ce

  • SHA1

    ba942f7a0fa2a76a83281cfd87537d3f929ab84c

  • SHA256

    291bf5665d0171b836b5e6ed436d31c19ff68db4c8fe97a949802df68d22ad12

  • SHA512

    d01df7319766fa088cd05770511d4000ce55c4bc97e4b0b7d9222b3194a3be60c12adb7efacc805458f660e81ed60afc73e50c9f8eaa452e309e4465273e1d9b

  • SSDEEP

    6144:+1IQjw4aeKiKmaC0B4yzoXkDUCYAVqlxnuwm:+C4aeKiKmajBHsyxhQ

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

2411

C2

princlegislative.su/mp_xxx/front/xxx

prophosthdor.su/mp_xxx/front/xxx

xhroompjsapi.com/mp_xxx/front/xxx

Attributes
  • exe_type

    worker

  • server_id

    55

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      491cae6d0db3fe37324d252588ab32ce_JaffaCakes118

    • Size

      204KB

    • MD5

      491cae6d0db3fe37324d252588ab32ce

    • SHA1

      ba942f7a0fa2a76a83281cfd87537d3f929ab84c

    • SHA256

      291bf5665d0171b836b5e6ed436d31c19ff68db4c8fe97a949802df68d22ad12

    • SHA512

      d01df7319766fa088cd05770511d4000ce55c4bc97e4b0b7d9222b3194a3be60c12adb7efacc805458f660e81ed60afc73e50c9f8eaa452e309e4465273e1d9b

    • SSDEEP

      6144:+1IQjw4aeKiKmaC0B4yzoXkDUCYAVqlxnuwm:+C4aeKiKmajBHsyxhQ

    Score
    1/10
