General
-
Target
1924-58-0x00000000001E0000-0x000000000025E000-memory.dmp
-
Size
504KB
-
Sample
220328-nvxszahgc5
-
MD5
b7084ab6d6c16a1db481b3b8641c7c13
-
SHA1
d044c7436d41b2399ad1545a639f0258ffd889ed
-
SHA256
06ece25766e09ea527e3360625d16cc9e6de3b6d6ab3d1549c1022d6c8574be9
-
SHA512
7286438d8f2d96fd613489abb72c944311a28f5c6ecd63d2892cbe0ca3278497280557c8783216a937c618e08aa7ac0a310b558c2705b774b0c8292a5a3db2e6
Behavioral task
behavioral1
Sample
1924-58-0x00000000001E0000-0x000000000025E000-memory.dll
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
1924-58-0x00000000001E0000-0x000000000025E000-memory.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
46.30.43.44
185.154.52.213
185.154.53.38
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
Target
1924-58-0x00000000001E0000-0x000000000025E000-memory.dmp
Score
3/10