General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
220317-lnktqabbcp
-
MD5
7c30a730ae6a19fd39377ac70dde1aa0
-
SHA1
63bb79daadf84081827394ab27652436ded7b53e
-
SHA256
e105922d77028c891b36eaeda9e536e9bbfbd6de6f78219e49e1d7c83fa67d93
-
SHA512
d9366f0d50a3a335e1648811068a639b2e557cbd89e4db6747b35056564ef9228635da0476d549ce752d4be156c4069726ffc0bf3f98b55bae83287fc0e7b24b
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
7624
atmospheri.top
linkspremium.ru
premiumlists.ru
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
Target
gozi.payload-disk
-
Score
1/10