General
Target: 9b5c0367804f6993dadd950ba70a7880_JaffaCakes118
Size: 1.8MB
Sample: 240610-vbabwstdlh
MD5: 9b5c0367804f6993dadd950ba70a7880
SHA1: d8b1ebf4c1f57a42f63e5cc55a00528c386d028b
SHA256: 12fdef9ce090523498da22295fe6b4d5c6e0224964b4ec4455f94902958c0c3e
SHA512: e06d99d2dc7289d12132c8103838cdf8e3073e68bd1fb9514519d9912bec5b4d5d35868ed99f3d2b5d9adb33a86df7f0ec02c42005c3bdb86ffe0ef5d8913ceb
SSDEEP: 49152:4SuE3ytrqPKIO23Hlin6COYolnyJ2WR6wOHste0uIlCj790Lhf4xC0FyQ4L6nd:3L32qPKIOson6Cslny8WR6wOHstehsC7
Static task: static1
Behavioral task: behavioral1
Sample: 9b5c0367804f6993dadd950ba70a7880_JaffaCakes118.exe
Resource: win7-20240508-en
Malware Config
Extracted
gozi
build: 214062
Extracted
gozi
3184
qfelicialew.city
mzg4958lc.com
gxuxwnszau.band
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12