General
-
Target
1772-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Size
56KB
-
Sample
220826-k8eyjaacgm
-
MD5
3504d6fa23c87efcb83529b56000a9f6
-
SHA1
a5b2d092edab826f3c50675e3d99a0b6593dbfa0
-
SHA256
d81623caed1fa8cc7a023e20774ca7c0a19278aa496c5fe9c008646b59f5b2cf
-
SHA512
da5059eb9d3a27177662f0ebddad031573d4169be3abaca9cf959bf1fb51a9c1479917a1b6a4bc43beec91e2477c5aef229f65eace8696866f5f5944fe88aa1a
-
SSDEEP
768:A2rrU7eukUXM7d6VvW/yCdcNtW2RTYBfx6w39rDE3Lkjx2K/ZK38udM:BaeuZM7Ms/XdeD8B56w39HE384h38k
Behavioral task
behavioral1
Sample
1772-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
1772-57-0x0000000010000000-0x000000001000E000-memory.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
superstarts.top
superlist.top
internetcoca.in
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1772-57-0x0000000010000000-0x000000001000E000-memory.dmp
-
Score
3/10