General

  • Target

    1770629cd11783f269457ba5263c6acc_JaffaCakes118

  • Size

    222KB

  • Sample

    241005-m84yrsvhrc

  • MD5

    1770629cd11783f269457ba5263c6acc

  • SHA1

    03be2e20468d4614e877700a40086dad3cb8cd34

  • SHA256

    ea592e67befa6d2e10dd474ed4cda2d075cf8577c82340ae6c6133fb1d5d9bc0

  • SHA512

    7f06fae1711f410aa6cf2dd25417cd240a056d69f8e3bcd7295b3cccac6c2d59b9e6483daa296edf3f183af6b30a608af678463345cb1d23f19e049e773eb95b

  • SSDEEP

    6144:/HExb7VwvtKNbnvSxYNiyf+D3Lu3y5ZH:cxb5wvtKRvSxY0G+D7u3g

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

4474

C2

lycos.com

mail.yahoo.com

193.56.255.251

193.56.255.250

193.56.255.249

numolerunosell.online

gumolerunosell.online

rumolerunosell.online

Attributes
  • base_path

    /images/

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    worker

  • extension

    .avi

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      1770629cd11783f269457ba5263c6acc_JaffaCakes118


    Score
    1/10
