General
-
Target
JaffaCakes118_6ca809f6d8f61a99f4717e8f934c90ba419dc4b1e5db7ccedc5b24741972133f
-
Size
626KB
-
Sample
241221-3r1g1svker
-
MD5
2dde17bd6194390875bf27af7a4b125d
-
SHA1
fd8b1eed36b078cda5eaed254bc8a04708709447
-
SHA256
6ca809f6d8f61a99f4717e8f934c90ba419dc4b1e5db7ccedc5b24741972133f
-
SHA512
8ab1be245849ed9320e4e200a716f56e6d590200662bd1cbf375cf1fb88c9206ddcfcdba86d1ea1eab0b5b3a06215c27dbe9ca955be5c0deef25b754bad16eef
-
SSDEEP
12288:+w1lEKREbddtOYRbHzcPwka1dCjc3N8ZV:+w1lEKOpuYxiwkkgjAN8ZV
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_6ca809f6d8f61a99f4717e8f934c90ba419dc4b1e5db7ccedc5b24741972133f.dll
Resource
win7-20240729-en
Malware Config
Extracted
gozi
999
config.edge.skype.com
146.70.35.138
146.70.35.142
-
base_path
/phpadmin/
-
build
250227
-
exe_type
loader
-
extension
.src
-
server_id
50
Targets
-
-
Target
JaffaCakes118_6ca809f6d8f61a99f4717e8f934c90ba419dc4b1e5db7ccedc5b24741972133f
-
Gozi family
-
Blocklisted process makes network request
-