General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
220803-llzj4aagbr
-
MD5
3a8f2a2d40f118146d8d3f2f42315739
-
SHA1
3b4ef4c3a1a3c6d6aa0ab9006952b5bb8fa73749
-
SHA256
ae9f0663e71d68075993bb8b1576bdc7b7497782ec34741b150c8937f00cc3f4
-
SHA512
df85bf5f327d0bae6e061c7c6182e99170d66107066256928b4dd4b7af1fcb02fa96b4f43bbca0e97654db11d1bce2b7b468601b4190288a36efcaf013e5f27d
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20220721-en
Malware Config
Extracted
gozi_ifsb
3000
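config.edge.skype.com (a legitimate Microsoft service hostname that appears in the extracted config alongside the IP addresses below; verify before treating it as a block-list indicator)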
37.120.206.71
37.120.206.84
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Size
43KB
-
MD5
3a8f2a2d40f118146d8d3f2f42315739
-
SHA1
3b4ef4c3a1a3c6d6aa0ab9006952b5bb8fa73749
-
SHA256
ae9f0663e71d68075993bb8b1576bdc7b7497782ec34741b150c8937f00cc3f4
-
SHA512
df85bf5f327d0bae6e061c7c6182e99170d66107066256928b4dd4b7af1fcb02fa96b4f43bbca0e97654db11d1bce2b7b468601b4190288a36efcaf013e5f27d
Score 1/10 -