General
-
Target
1056-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
Sample
220812-d1cpwaaec6
-
MD5
3b5b79094a5f7d0d67e78e2bab398dc7
-
SHA1
4819edc4cd27ff3988de924e469c5cfa111e2341
-
SHA256
ece62bc799b2a2d166be9512a6b19fa529c10f954fbf726bcff953733346058e
-
SHA512
3d9a61a2e8727b5f2cdeeba89b26433970276e0042c2f32d82bd09dae0b81857eb06af785c56b7fa208c6c633c7a4171e62a95a7e6e68d6971bc2e390b87df95
Behavioral task
behavioral1
Sample
1056-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win7-20220715-en
Behavioral task
behavioral2
Sample
1056-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win10v2004-20220721-en
Malware Config
Extracted
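Family: gozi_ifsb
Botnet: 3000
C2:
config.edge.skype.com (a legitimate Microsoft-operated hostname; Gozi configurations commonly list it alongside the real C2 addresses, so it is not a useful block or detection indicator on its own)
79.110.52.8
79.110.52.80
193.106.191.163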
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1056-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
MD5
3b5b79094a5f7d0d67e78e2bab398dc7
-
SHA1
4819edc4cd27ff3988de924e469c5cfa111e2341
-
SHA256
ece62bc799b2a2d166be9512a6b19fa529c10f954fbf726bcff953733346058e
-
SHA512
3d9a61a2e8727b5f2cdeeba89b26433970276e0042c2f32d82bd09dae0b81857eb06af785c56b7fa208c6c633c7a4171e62a95a7e6e68d6971bc2e390b87df95
Score: 3/10