General
Target: gozi.payload-disk
Size: 43KB
Sample: 220328-nyjerahgd4
MD5: 34819f3e4ba7671fba38c7b1ebbbdfe9
SHA1: cad7c6a7c651a0288226dcc38981cb959884be8d
SHA256: 52025d90356119878f1b2ddb3361a9892d8e2762d583ed109af7b8f06c9c0b2f
SHA512: 3b1943ded4aea5b6cba5102cfaf69f634d13d82b1805f9cd558516e11446d10ad995c1b3dde138fde23300c0287a385f77b3dcf7d7cea7efadaed505dcafbd70
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220310-en
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
46.30.43.44
185.154.52.213
185.154.53.38
base_path: /drew/
build: 250225
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: gozi.payload-disk
Score: 1/10