General

  • Target

    JaffaCakes118_23e003da7dd0d811755bc57e496f81e2b226698e3f4f9410f72d898c81720da4

  • Size

    340KB

  • MD5

    5ed1d2a027a5754bcd88f5ea2919bc41

  • SHA1

    12ead5ef7e9e2e26bfdae73aade9cfaa0559256a

  • SHA256

    23e003da7dd0d811755bc57e496f81e2b226698e3f4f9410f72d898c81720da4

  • SHA512

    40c137b0ad3e42bf56e648db4f449bf029856d75c57165c601536c513425c8a46578320cd1454e51e4a073bb56d0b479c71a836682c5ef457dcc9197efc2ddb3

  • SSDEEP

    768:6r+BA9U/JFWyvcoyIeb8EvnVBosnO1T2VOYcV0HRoJvv5:6r+y0HWSzeblt6T2VOcihv

Score
10/10

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

7629

C2

jointoblog.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

  • aes.plain

Signatures

  • Gozi family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_23e003da7dd0d811755bc57e496f81e2b226698e3f4f9410f72d898c81720da4
    .dll windows:5 windows x86 arch:x86
