General
Target: b4c988a94242af0afe8b6b367f032a8d_JaffaCakes118
Size: 203KB
Sample: 240616-x226pstekc
MD5: b4c988a94242af0afe8b6b367f032a8d
SHA1: c576a66700914ea941f1cd8406a3f97d4ead0bd7
SHA256: e7ea99b780111336c9a8c301c18e9d93ef7d13eace98fe3bb9d844b305736316
SHA512: 3fb5309d9f7e1547b7349cf241a9c3cb7cd0f934f751929d125d687467d5ea5fe180fbae1cd03e64502dca999e6b39e3f3a0b9be0782f4128fa96904e323d8e3
SSDEEP: 3072:90ji2dQ6v4uPXDNUj4jKBonzmLXlYVRLh0epEEZqkFBc4+uTqN76o:9+dp4uPZzGonqXGXh0bluBc4GZ5
Static task: static1
Behavioral task: behavioral1
Sample: b4c988a94242af0afe8b6b367f032a8d_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
gozi
build: 215165
Extracted
gozi
3162
menehleibe.com
liemuteste.com
thulligend.com
build: 215165
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12