General
-
Target
1004-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
Sample
220803-lhxw4ahfd5
-
MD5
ddda82e8562eee55624a2ba724439ed7
-
SHA1
9811af927e98c462a1b43c1b7401d02596d943d5
-
SHA256
816bdd0552529fde179cc7563fe853bc9d7c9cd7fa5050145abdce2972036c6c
-
SHA512
2101e569861649373686e50eecbad54042dfc4d495fbc426b1d895766af6d45d78b4994da33c2aa688bc4fc34ced53ec4df99527c803df03d06d9de05e435409
Behavioral task
behavioral1
Sample
1004-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
1004-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win10v2004-20220722-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
37.120.206.71
37.120.206.84
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1004-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
MD5
ddda82e8562eee55624a2ba724439ed7
-
SHA1
9811af927e98c462a1b43c1b7401d02596d943d5
-
SHA256
816bdd0552529fde179cc7563fe853bc9d7c9cd7fa5050145abdce2972036c6c
-
SHA512
2101e569861649373686e50eecbad54042dfc4d495fbc426b1d895766af6d45d78b4994da33c2aa688bc4fc34ced53ec4df99527c803df03d06d9de05e435409
Score3/10 -