General
-
Target
1252-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
Sample
220810-r5228abeeq
-
MD5
fc635bc2ed48cec52f254fe66b848cab
-
SHA1
3778e2f2d95b055e2833ba2d5e63c24739b8d22b
-
SHA256
7d7ae317f3ad0ae27aedde1586456a1a1d295dedb5ede9564ab38515eeca2927
-
SHA512
b7d431911549bea880e058345066b5583f36197d3cbe0a32cfb734e837babb3a82a23dc56e08ff5a880205b68747e5b30da1248da6259db5848adff24680e8fd
Behavioral task
behavioral1
Sample
1252-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
1252-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win10v2004-20220721-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
79.110.52.8
79.110.52.80
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1252-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
MD5
fc635bc2ed48cec52f254fe66b848cab
-
SHA1
3778e2f2d95b055e2833ba2d5e63c24739b8d22b
-
SHA256
7d7ae317f3ad0ae27aedde1586456a1a1d295dedb5ede9564ab38515eeca2927
-
SHA512
b7d431911549bea880e058345066b5583f36197d3cbe0a32cfb734e837babb3a82a23dc56e08ff5a880205b68747e5b30da1248da6259db5848adff24680e8fd
Score3/10 -