General
Target: JaffaCakes118_20699ec2bad0f7e41497caf97f151d26ed67279d9f2e9b81afae6b668540c244
Size: 626KB
Sample: 241223-zspv5a1mgq
MD5: 133726fc50014b0eb397b2a12cf011af
SHA1: cf86754f2fa9565360e1c976d57fa74c1f98ed48
SHA256: 20699ec2bad0f7e41497caf97f151d26ed67279d9f2e9b81afae6b668540c244
SHA512: eb6dd89229fef6e0b223dc871c0c6efc0df092f7c15db57788dd8a988b8457aa91385367479d08e0e04718bdc89d741936ea201588fda4f00c1ac5d6fce2616c
SSDEEP: 12288:+w1lEKREbddtOYRbHzcPwka1dCjc3N8Z7:+w1lEKOpuYxiwkkgjAN8Z7
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_20699ec2bad0f7e41497caf97f151d26ed67279d9f2e9b81afae6b668540c244.dll
Resource
win7-20240903-en
Malware Config
Extracted
gozi
999
config.edge.skype.com
146.70.35.138
146.70.35.142
base_path: /phpadmin/
build: 250227
exe_type: loader
extension: .src
server_id: 50
Targets
Target: JaffaCakes118_20699ec2bad0f7e41497caf97f151d26ed67279d9f2e9b81afae6b668540c244
Gozi family
Blocklisted process makes network request