General

  • Target

    JaffaCakes118_b692894d7c90baf5ce9c2a0427e4ef9444b57ff0d3b42f37fe402913db0f66d8

  • Size

    244KB

  • Sample

    241222-jz6jfszpf1

  • MD5

    905425e37afe4e924abd4fd5ee4a571e

  • SHA1

    1221463130c1b8796f813dd5fe0c98f15efa1e78

  • SHA256

    b692894d7c90baf5ce9c2a0427e4ef9444b57ff0d3b42f37fe402913db0f66d8

  • SHA512

    b06f4132ff4a72f5b12fe713fea117ac901ceff9b5c685a354bdcc8aec7cafa4692fac8f2a836e5a41fde1f0f314af5066cabe4197ca2467b0b7e23e20a70ddf

  • SSDEEP

    6144:PAFuPuQxiir23Yj6PMDx/xDfB5P557fB:PA4PuQII2c6PeVFfL5b

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7638

C2

185.31.160.229

31.41.44.60

31.41.46.132

185.31.162.9

62.173.147.113

Attributes
  • base_path

    /images/

  • exe_type

    worker

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
