General

  • Target

    JaffaCakes118_e842fdf69908876a7f972e0d3ce614d777580331ffc1e5e06be757b62bb8a7c8

  • Size

    240KB

  • Sample

    241225-fbt9qsyjh1

  • MD5

    cbbbd4083811a6f800fec9919cb70f36

  • SHA1

    57612b880798234e36ed3a0c36b9aa78dd884ad1

  • SHA256

    e842fdf69908876a7f972e0d3ce614d777580331ffc1e5e06be757b62bb8a7c8

  • SHA512

    2e630d535fbc2ccf457a1bbe31edd52d4f31590856dd514b61752b893ecfecbe9d41d44edcbaee5c2f5c5a4d417e3f40e7ca59d78d285f985335095717d2434b

  • SSDEEP

    3072:ytLjLpy1qye5zYou/3+tjSk+4uDXXZdXhGuG4jCGqC75PcjwWlm:6bpy1vIk/3+BSkKX7RdG4352

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7639

C2


Attributes
  • base_path

    /drew/

  • exe_type

    worker

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
