General
-
Target
JaffaCakes118_01042bcfe616d96a813a5a41dee803867c1ae88d50d39281f950289490140c87
-
Size
626KB
-
Sample
241222-dl4vta1lcv
-
MD5
7994eebe7609425f65ba3f06f8df9d77
-
SHA1
1d445f8874ead132af49ee9244b96a923851a5f5
-
SHA256
01042bcfe616d96a813a5a41dee803867c1ae88d50d39281f950289490140c87
-
SHA512
0be9d7e718553a30e4068848477dda175382b9fd2ad735644df4c4c9f72342db4abe85656c2e110f0e2ea77dd5dde0faae2426277e113e65abcfcbfd49e50844
-
SSDEEP
12288:+w1lEKREbddtOYRbHzcPwka1dCjc3N8ZL:+w1lEKOpuYxiwkkgjAN8ZL
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_01042bcfe616d96a813a5a41dee803867c1ae88d50d39281f950289490140c87.dll
Resource
win7-20240729-en
Malware Config
Extracted
gozi
999
config.edge.skype.com
146.70.35.138
146.70.35.142
-
base_path
/phpadmin/
-
build
250227
-
exe_type
loader
-
extension
.src
-
server_id
50
Targets
-
Gozi family
-
Blocklisted process makes network request
-