General
-
Target
95e0fb621c67cd01a25dd4d225655bc1_JaffaCakes118
-
Size
197KB
-
Sample
240604-xafhmagd65
-
MD5
95e0fb621c67cd01a25dd4d225655bc1
-
SHA1
19eec7dc053356ed52e10baaf5f5108365a1ddc9
-
SHA256
3094a4bb675fa6d9aec4dc136c4d45354acb7dc0d5a91f323800e66ebc9052b0
-
SHA512
58f2ca00b5ce6e863c376a9b74c05089d1c2554deb9876167459313899f4408f0ae330002274145a2efa4f28112f5af3b4df80827d6a3f0b408b15202e5b1c91
-
SSDEEP
3072:iWDdCZn+MHTptyZ1+5Ck15lxYY54Fp3QT2kZz2yDj0EQ8x7xSJM7UmA0ox6:iWkdVlS1oCPY5+QT2kx5HlS27Umg
Static task
static1
Behavioral task
behavioral1
Sample
95e0fb621c67cd01a25dd4d225655bc1_JaffaCakes118.exe
Resource
win7-20240220-en
Malware Config
Extracted
gozi
-
build
215165
Extracted
gozi
3135
zweideckei.com
ziebelschr.com
endetztera.com
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
95e0fb621c67cd01a25dd4d225655bc1_JaffaCakes118
-
Size
197KB
-
MD5
95e0fb621c67cd01a25dd4d225655bc1
-
SHA1
19eec7dc053356ed52e10baaf5f5108365a1ddc9
-
SHA256
3094a4bb675fa6d9aec4dc136c4d45354acb7dc0d5a91f323800e66ebc9052b0
-
SHA512
58f2ca00b5ce6e863c376a9b74c05089d1c2554deb9876167459313899f4408f0ae330002274145a2efa4f28112f5af3b4df80827d6a3f0b408b15202e5b1c91
-
SSDEEP
3072:iWDdCZn+MHTptyZ1+5Ck15lxYY54Fp3QT2kZz2yDj0EQ8x7xSJM7UmA0ox6:iWkdVlS1oCPY5+QT2kx5HlS27Umg
-