General
-
Target
6da80f8ada352afdb87e199e26d6df5bed03cb738c1ebd46fc42640e14429a5b
-
Size
36KB
-
Sample
220325-vgnrgaada6
-
MD5
311a1a3e30ebc90b3f4b5d13ec0c8d4d
-
SHA1
9f0698b5928f227163b1e8bab084d898dfb057ef
-
SHA256
73c45ca119accbbb3c2abe41823b8dd3c8497c2eab250e7e6f6d64f90c97e2f3
-
SHA512
f16e3e99f001851ef673d58282b75abba2b0fc7f78998729c44d78fc548cf75d82a4e6de994f700b3131a9f5fbb96660a5cc801cf9d1466a01a02adabb62e7e1
Behavioral task
behavioral1
Sample
6da80f8ada352afdb87e199e26d6df5bed03cb738c1ebd46fc42640e14429a5b.exe
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
6da80f8ada352afdb87e199e26d6df5bed03cb738c1ebd46fc42640e14429a5b.exe
Resource
win10v2004-20220310-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
194.76.226.200
giporedtrip.at
habpfans.at
31.214.157.187
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
6da80f8ada352afdb87e199e26d6df5bed03cb738c1ebd46fc42640e14429a5b
-
Size
36KB
-
MD5
311a1a3e30ebc90b3f4b5d13ec0c8d4d
-
SHA1
9f0698b5928f227163b1e8bab084d898dfb057ef
-
SHA256
73c45ca119accbbb3c2abe41823b8dd3c8497c2eab250e7e6f6d64f90c97e2f3
-
SHA512
f16e3e99f001851ef673d58282b75abba2b0fc7f78998729c44d78fc548cf75d82a4e6de994f700b3131a9f5fbb96660a5cc801cf9d1466a01a02adabb62e7e1
Score
1/10
-