General
-
Target
1408-57-0x00000000001C0000-0x000000000022E000-memory.dmp
-
Size
440KB
-
Sample
220707-wfsvgafeg3
-
MD5
9353b8464534a077e1023295e22276dc
-
SHA1
ee5fd74d331fb5faffb4ac54bb031c683eff2f3c
-
SHA256
c8ffba454a1a71f8b5635cd387ab53ed6ecab7102665581a0839403dca0f7bda
-
SHA512
864296da41118aa9508c5a7ccfd98242d714b188df96a32d40877c85e9f04b71bbe28438be3bc6913404da8858968927d01b06c88ef0a4ffa01292c556c96f26
Behavioral task
behavioral1
Sample
1408-57-0x00000000001C0000-0x000000000022E000-memory.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1408-57-0x00000000001C0000-0x000000000022E000-memory.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
79.110.52.164
79.110.52.97
-
base_path
/drew/
-
build
250239
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1408-57-0x00000000001C0000-0x000000000022E000-memory.dmp
-
Size
440KB
-
MD5
9353b8464534a077e1023295e22276dc
-
SHA1
ee5fd74d331fb5faffb4ac54bb031c683eff2f3c
-
SHA256
c8ffba454a1a71f8b5635cd387ab53ed6ecab7102665581a0839403dca0f7bda
-
SHA512
864296da41118aa9508c5a7ccfd98242d714b188df96a32d40877c85e9f04b71bbe28438be3bc6913404da8858968927d01b06c88ef0a4ffa01292c556c96f26
Score3/10 -