General

  • Target

    JaffaCakes118_76f91d3407b17ceb04a60536106c17653d1d8eb151485fa7bc0b7280e1601666

  • Size

    268KB

  • Sample

    241224-bwxhdayjap

  • MD5

    cbf2ff6fecce805e6944e1e7745e087e

  • SHA1

    1265e23473c141d5e8554568b71e4e0be6c9cf2e

  • SHA256

    76f91d3407b17ceb04a60536106c17653d1d8eb151485fa7bc0b7280e1601666

  • SHA512

    32a94f13db58098f3b4121040393f2143fe753fda4edc17d35882921e2b28e38c1f3d3f22833dc51b04c01916765557bdc73bd386ce04733be11523d2949db08

  • SSDEEP

    6144:gvMTcREa3tgFuS13zpTPisY0OdnqWaZ54KGTF:gvMYnd4uS13zpTPrY0uqWaURR

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

1001

C2

Attributes
  • base_path

    /microsoft/

  • exe_type

    worker

  • extension

    .acx

  • server_id

    50

rsa_pubkey.plain
aes.plain
