General
-
Target
bd3f26523c5cad6fe9632bfd4f6449bc_JaffaCakes118
-
Size
541KB
-
Sample
240619-h5y6wswfnb
-
MD5
bd3f26523c5cad6fe9632bfd4f6449bc
-
SHA1
492f9c4bb1bba2f94b889e9de68e9a6b0289de41
-
SHA256
34ad177800e89a94d27b7ea4f39cd805c2910fa6afcb835501567b59415af0ed
-
SHA512
116b5bbf456ac0863cd787fe45b4bf9729d94aaffe2a4f05b150a85f66c04cfa2faf179ba0a8f5abd5358470831c05ded6663402adf9d5085c9631fd898f4587
-
SSDEEP
12288:VF75Cm31VCpGJfLnba3vpFs10bjZca/HhJL+7Jt:VF75R3He1fZca7L+7
Static task
static1
Behavioral task
behavioral1
Sample
bd3f26523c5cad6fe9632bfd4f6449bc_JaffaCakes118.dll
Resource
win7-20240611-en
Malware Config
Extracted
gozi
7220
pop53334.yahoo.com
web.kundertviolas.com
-
build
250154
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12