General
-
Target
e1029789f70054736738b7861f9e5e7305aca6abb3c752fcc3a2bb361fc1e4f6
-
Size
246KB
-
Sample
220812-a9cvfshaa3
-
MD5
924cffc2e11e9cb4f3fd8d6b7fd06f5f
-
SHA1
4d087054a76637de2ca84cd14c4fe363c663f8c5
-
SHA256
d872b6ae317c2d29d79db97bf53c550c00dfc3f677d48a6a3cca70857315aca2
-
SHA512
76879a64b1fa1a82b2da81311a496000ca61913b568b89287f614a560fd17a22c782ff4c770dc1e311719811922902c339822a2aabbd3b739e02cfaa88839ef2
Static task
static1
Behavioral task
behavioral1
Sample
e1029789f70054736738b7861f9e5e7305aca6abb3c752fcc3a2bb361fc1e4f6.dll
Resource
win7-20220718-en
Malware Config
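Extracted
Family: gozi_ifsb
Botnet: 3000
C2:
config.edge.skype.com (legitimate Microsoft hostname, likely a decoy or connectivity check; not a reliable indicator on its own)
79.110.52.8
79.110.52.80
193.106.191.163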
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
e1029789f70054736738b7861f9e5e7305aca6abb3c752fcc3a2bb361fc1e4f6
-
Size
349KB
-
MD5
918b6c9700deb71f57f0ea15c87570a2
-
SHA1
1ea39c732d0a2b9f0fcbaf03a6876a60c6a88772
-
SHA256
e1029789f70054736738b7861f9e5e7305aca6abb3c752fcc3a2bb361fc1e4f6
-
SHA512
ca35b379add5a2c3f4c0a7abc58869763a5abe6892074ef7a3809e666333b2da96b07c0984f6c96b1a2e72689cefae6bf01af4a2978dd35887722e0c05c080ed
-