General

  • Target

    JaffaCakes118_d78c20ee7ac32e22014eb3b8ffed0854a648ec5c7eb3c16d03f3753e197c0f19

  • Size

    240KB

  • MD5

    72b54e9262c858f0148a8afb54b2b189

  • SHA1

    68a272687599088aa6f87969f0373712b4e504aa

  • SHA256

    d78c20ee7ac32e22014eb3b8ffed0854a648ec5c7eb3c16d03f3753e197c0f19

  • SHA512

    cea5175c8742073013bbe16913a3494e8c6a17a984a993689cb5aaa1e98b5ffbe387a9fa3dc0282a55748e70465bb3b52b12d44f873f0e2d551d47f446a1b403

  • SSDEEP

    3072:EtLjLpy1qye5zYou/3+tjSk+4uDXXZdXhGuGLjCGqC75PcjKb:Ubpy1vIk/3+BSkKX7RdGL35D

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  • Botnet

    22500

  • C2

    confisg.edge.skype.com

    http://5icvzwz.xyz

    http://185.14.45.80

Attributes
  • base_path

    /recycle/

  • exe_type

    worker

  • extension

    .alo

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • JaffaCakes118_d78c20ee7ac32e22014eb3b8ffed0854a648ec5c7eb3c16d03f3753e197c0f19