General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
220321-qt4w1acgen
-
MD5
21e836bd521081f8b97c3e5a31822afe
-
SHA1
fec35c2a1f2d362356573b25f0dd4a50c7be842e
-
SHA256
e6f3b5857a2da506a0f5470400655fc4011600ae4253bba3dae85f7e6a9be6c2
-
SHA512
c27856e4c417ff414c9365d68276a6678449886ac95bb99051fe61024fe2493c01cdd40789e89a0d047d18419db6fcd8085b7876cff3dbc8cd54f4623a6b3977
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20220311-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
7613
interlines.top
interlines.space
linkspremium.ru
premiumlists.ru
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Size
43KB
-
MD5
21e836bd521081f8b97c3e5a31822afe
-
SHA1
fec35c2a1f2d362356573b25f0dd4a50c7be842e
-
SHA256
e6f3b5857a2da506a0f5470400655fc4011600ae4253bba3dae85f7e6a9be6c2
-
SHA512
c27856e4c417ff414c9365d68276a6678449886ac95bb99051fe61024fe2493c01cdd40789e89a0d047d18419db6fcd8085b7876cff3dbc8cd54f4623a6b3977
Score1/10 -