General
Target: 2af56c3db87fdf4bb7c3de1ac53d97b6_JaffaCakes118
Size: 143KB
Sample: 240728-3hvv6s1dpn
MD5: 2af56c3db87fdf4bb7c3de1ac53d97b6
SHA1: c02b4c0c19c54d3c2c25444c7ec888c33b81926f
SHA256: d7c37dced460635f71add15aa5071cdd82d73ab250c7f3104387bcdceb7ddced
SHA512: c025d4767ac95764c1c4bc7281072bcd226f66bb1002b866f4d64aca449f5fd40b3aeea8debc8435677538d324144cec837405acf6005c2a5e50395a446f78f4
SSDEEP: 3072:DH2/rnqskIU6Ca/jMI6GPtSd4RKBWMKob523U:b2/VFCa/jMTEtS6RroY
Static task: static1
Behavioral task: behavioral1
Sample: 2af56c3db87fdf4bb7c3de1ac53d97b6_JaffaCakes118.dll
Resource: win7-20240704-en
Malware Config
Extracted
gozi
7223
porp53334.yahoo.com
web.cindycrawfordgroup.com
build: 250154
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12