General
Target: gozi.payload-disk
Size: 43KB
Sample: 220809-pht2zsabcl
MD5: e36a2ad652142295d4a83f009597e897
SHA1: 3ac847fdf1889ee87b60af6cf0ef7a6535785156
SHA256: d312a673f75b4f7b6ed96b7d0da28e0da41f191807af6541c84da85a56bb4134
SHA512: 1764400f84cf451e29583c161a0cf7901ccf45aa4b7f7dfef5ac17e3590fc98215ad8ccad69012a74e2f8eaf0f4d7153e12de16815bf46941b70a826eaea41c3
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20220715-en
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-20220721-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
79.110.52.8
79.110.52.80
193.106.191.163
base_path: /drew/
build: 250240
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: gozi.payload-disk
Score: 1/10