General
-
Target
1396-57-0x0000000000270000-0x00000000002DE000-memory.dmp
-
Size
440KB
-
Sample
220707-lnrl9sddf5
-
MD5
ab893bed4a79c96d4693d74b6cf0fb92
-
SHA1
35f126be5c87e90d3ea2f9fc92a63108d0aaa355
-
SHA256
e69f03143b43e1c81faf7dc503efb6b514031c6c74d94661428aae489c6ad5b2
-
SHA512
613b0c426e9be003745d29a6bc5c8c91307ae1bef1cbb37f0b00f553ce5a4053b6b8388153a17c381bdcd1fca4dd7221507a734cd7742af6480727368bacda93
Behavioral task
behavioral1
Sample
1396-57-0x0000000000270000-0x00000000002DE000-memory.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1396-57-0x0000000000270000-0x00000000002DE000-memory.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
79.110.52.164
79.110.52.97
-
base_path
/drew/
-
build
250239
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
Target
1396-57-0x0000000000270000-0x00000000002DE000-memory.dmp
-
Score
3/10