General
Target: 9fd1579cf1541c953eacbaf3cce0de47_JaffaCakes118
Size: 1.8MB
Sample: 240611-2vvkhavflq
MD5: 9fd1579cf1541c953eacbaf3cce0de47
SHA1: 9b6c1182422a09257bebe1271961f28fee704898
SHA256: 7b2d0ae7c31282f5a52bd8f92c7e0ce46b0ae050b5853c87b57a97e4293a1f38
SHA512: 9230f7f9e68f575df7b8a11dd9209d34c592d947cc99e06065318714f4bd4d8dbf848dd89d62cfeb687927edbe8403ec98e050eebedcd45937f416aae7f8ff67
SSDEEP: 49152:4SuE3+trqPKIO23Hlin6COYolnyJ2WR6wOHste0uIlCj790Lhf4xC0FyQ4L6nd:3L3yqPKIOson6Cslny8WR6wOHstehsC7
Static task: static1
Behavioral task: behavioral1
Sample: 9fd1579cf1541c953eacbaf3cce0de47_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
gozi
build: 214062
Extracted
gozi
3184
qfelicialew.city
mzg4958lc.com
gxuxwnszau.band
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12