General
-
Target
1832-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
Sample
220809-pwlb1aaddm
-
MD5
0041b6e645c5dcd86ec9346cd2cc89b6
-
SHA1
408b1f2a4e6f54119e081ab314cd15b6211216c0
-
SHA256
87b1209f93f82c66524e1ea510eccdcb765ccda140a1cd93a42a135a5fdda424
-
SHA512
968ec20bacf0997a7f65e79a605d7ae5f0c5e57933944e6cbf6c3d67014c2e2c325f4ed092e20dfff524cabaf029df2638dc6a2969a3a72ebc8a4a0d02eb5881
Behavioral task
behavioral1
Sample
1832-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
1832-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win10v2004-20220721-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
79.110.52.8
79.110.52.80
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1832-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
MD5
0041b6e645c5dcd86ec9346cd2cc89b6
-
SHA1
408b1f2a4e6f54119e081ab314cd15b6211216c0
-
SHA256
87b1209f93f82c66524e1ea510eccdcb765ccda140a1cd93a42a135a5fdda424
-
SHA512
968ec20bacf0997a7f65e79a605d7ae5f0c5e57933944e6cbf6c3d67014c2e2c325f4ed092e20dfff524cabaf029df2638dc6a2969a3a72ebc8a4a0d02eb5881
Score3/10 -