General
Target: 1968-57-0x0000000010000000-0x000000001000E000-memory.dmp
Size: 56KB
Sample: 220817-z7e98sfha6
MD5: c0bb6f8e70cfe48b7630bd2867a0451e
SHA1: bffc0735680708fd912f96206061d764f7d8228c
SHA256: 5c401df4afd3236189dee1abe739e06d39b2dea4cbc7e602f3e42a9bb6776f98
SHA512: 018835c56f9d656275c19c4fa694d187183a15eeb4aad628932393e28cf0dafc72df2acb58f838ee2952d8ae391084e0ef9163cea4918784b71cad97d5adaf60
SSDEEP: 768:A29rU7eukUXM7dseVvW3yyr96/SNxoZC/OFYbmVvP0rhAuCzL+rZhgbtuPja1xDv:naeuZM7Kes3BMexoGvmQhARarEMoxDi
Behavioral task: behavioral1
Sample: 1968-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1968-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource: win10v2004-20220812-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
superstarts.top
superlist.top
internetcoca.in
193.106.191.163
base_path: /drew/
build: 250240
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: 1968-57-0x0000000010000000-0x000000001000E000-memory.dmp
Score: 3/10