General
-
Target
876-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
Sample
220812-dx96zaaeb4
-
MD5
380b4c03f14b238f7713a2525d064469
-
SHA1
cb541d3e06b61ce91337ebf7bde4ece28257f650
-
SHA256
355fb6defd9f36982c541e297faab9cc116798280497f52c25c3ab0efd5d643f
-
SHA512
7422edcb7e3bd12e8b945a546114562570b950021b0ddaf47b03a279415eaf107e0db32c16d03fa3006cc913399eedfb28008482d0d15b0f5f48d3d46bbe39eb
Behavioral task
behavioral1
Sample
876-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
876-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win10v2004-20220721-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
79.110.52.8
79.110.52.80
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
876-57-0x0000000010000000-0x000000001000E000-memory.dmp
Score
3/10