General
Target: 8285061924caa5069b4446c9cd88fb18_JaffaCakes118
Size: 197KB
Sample: 240530-aw5nbafg6x
MD5: 8285061924caa5069b4446c9cd88fb18
SHA1: 57a7e917790f7a8b0dc33e086d2798207a36eb4d
SHA256: fee861635aaee3e2e274c9d5d8ffa0af6b01d2a06f44d1bf7333f58a91add1c5
SHA512: a64a6b41d88ea01bf58502f05d9eaee515446fc8e51ea9ba3ed12f479d509446b1d4aa9fc3542de30d37ee19bbd7adaa1130ea250bfdb73d8c0b31cd93182f7e
SSDEEP: 3072:/WDdCZn+MHTptyZ1+5Ck15lxYY54Fp3QT2kZz2yDj0EQ8x7xSJM7UmA0ox6:/WkdVlS1oCPY5+QT2kx5HlS27Umg
Static task: static1
Behavioral task: behavioral1
Sample: 8285061924caa5069b4446c9cd88fb18_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
gozi
build: 215165
Extracted
gozi
3135
zweideckei.com
ziebelschr.com
endetztera.com
build: 215165
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12