Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

JaffaCakes...fa.exe

windows7-x64

JaffaCakes...fa.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_b2b36f6b05bd7d6fc040e74e46d9e5fbb7f058c7f9ec06af1b3b8b5ea3fb06fa

  • Size

    468KB

  • Sample

    241225-ddm74avrcx

  • MD5

    944c2e1d110d743f3616734d0abc0b14

  • SHA1

    a41cb7985caa16d107fbed1504d196aae3e712f8

  • SHA256

    b2b36f6b05bd7d6fc040e74e46d9e5fbb7f058c7f9ec06af1b3b8b5ea3fb06fa

  • SHA512

    bfb5ce89f0de2ae4d73be67ea8cac5560ea23c2324f9c9836693ece098ca2ea046a2eaa4345e9b0be381adea7aa270ab92e6e58affbbbb31bacaa32c9efce4e1

  • SSDEEP

    3072:JmHvnOt6FciPROJcdAR/1BGfdAYNjme5NQ5QtM/h3HL20VE:JmPnsqL4adg/1BoA7GLtWL2f

Score
10/10
gozi7622isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru
Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      JaffaCakes118_b2b36f6b05bd7d6fc040e74e46d9e5fbb7f058c7f9ec06af1b3b8b5ea3fb06fa

    • Size

      468KB

    • MD5

      944c2e1d110d743f3616734d0abc0b14

    • SHA1

      a41cb7985caa16d107fbed1504d196aae3e712f8

    • SHA256

      b2b36f6b05bd7d6fc040e74e46d9e5fbb7f058c7f9ec06af1b3b8b5ea3fb06fa

    • SHA512

      bfb5ce89f0de2ae4d73be67ea8cac5560ea23c2324f9c9836693ece098ca2ea046a2eaa4345e9b0be381adea7aa270ab92e6e58affbbbb31bacaa32c9efce4e1

    • SSDEEP

      3072:JmHvnOt6FciPROJcdAR/1BGfdAYNjme5NQ5QtM/h3HL20VE:JmPnsqL4adg/1BoA7GLtWL2f

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks