General
-
Target
03ff07649176bc724f5ec93c4ec4a0eb6eb5857aefa4b23040c4f1a1ff974097
-
Size
460KB
-
Sample
220812-armxpsebhl
-
MD5
55aadd23519dec238c6ddeea9d2613b8
-
SHA1
60606d0d711ace56a6306209756e2c02dff7d9a5
-
SHA256
ddb1e53e29471cfec9e3240a0f27b647fb060a41f96192fa3fbc0a07696490c6
-
SHA512
a27d5b7348e490dbf53a3984527ee92e29a0c17c84a555e95696f37cb3e1dbf9f01904216cf3572f1f0546fdae0571d613d7ba559456d30ac884de34a2819536
Static task
static1
Behavioral task
behavioral1
Sample
03ff07649176bc724f5ec93c4ec4a0eb6eb5857aefa4b23040c4f1a1ff974097.dll
Resource
win7-20220718-en
Malware Config
Extracted
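Family
gozi_ifsb
Botnet
3000
C2
config.edge.skype.com
79.110.52.8
79.110.52.80
193.106.191.163
Note: config.edge.skype.com is a Microsoft-owned hostname. It appears in the extracted C2 list, but it is a poor indicator on its own, so weight detections and blocklists toward the three IP addresses and the base_path.
Attributes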
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
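Targets
Note: the hashes below describe the analysed 634KB file, whose SHA256 matches the target name. The 460KB hashes under General differ and presumably describe the file as submitted; confirm which object a hash refers to before using it as an indicator.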
-
-
Target
03ff07649176bc724f5ec93c4ec4a0eb6eb5857aefa4b23040c4f1a1ff974097
-
Size
634KB
-
MD5
4419b2a8f9c21f0ea3192ef2ed634942
-
SHA1
145974bc0ad6c90158e6ccb188b3588e270084fc
-
SHA256
03ff07649176bc724f5ec93c4ec4a0eb6eb5857aefa4b23040c4f1a1ff974097
-
SHA512
e6a69e9b6488622ce5aa531f7ae0e28989b187b198172b0d664cc6e4ebc5062c1ec08983ebf4c1335e415adbf5673a21ec3ab1e5bb0349dad90a8d214ff26abb
-