General
Target: a6ba2e834e4429f7e13406cf5897a71f_JaffaCakes118
Size: 1.8MB
Sample: 240613-1njnzsvfnp
MD5: a6ba2e834e4429f7e13406cf5897a71f
SHA1: 14143fc6cc6e2b6afba16e02bbf010ce93561436
SHA256: dcdd775ccbbe54e21464fe274f737694641875f63157f043a7285acfdec17e2a
SHA512: d04c1feae157d43b2c2e165de5f66760bdd025076e4d7c2a5527def529739479916ef0c580d5299a0c5fbdd1616a68a7b2d90ac71b5a52a27319bd6a01b95327
SSDEEP: 49152:4SuE32trqPKIO23Hlin6COYolnyJ2WR6wOHste0uIlCj790Lhf4xC0FyQ4L6nd:3L3qqPKIOson6Cslny8WR6wOHstehsC7

Static task: static1

Behavioral task: behavioral1
Sample: a6ba2e834e4429f7e13406cf5897a71f_JaffaCakes118.exe
Resource: win7-20240508-en

Malware Config

Extracted
gozi
build: 214062

Extracted
gozi
3184
qfelicialew.city
mzg4958lc.com
gxuxwnszau.band
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12