General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
220826-k97pyabch7
-
MD5
8fef30ff79225d9232a55dd5c85a375c
-
SHA1
335359d01a6290a6518af3b6d51d6f51f5a8439d
-
SHA256
72d5b97a5b873ef9975826be0cc902d1df9f25ad4bc98cc352b06328f03225e2
-
SHA512
528e43c462293eaca03cfaa15cef013bd69815676280641998a783e871f8f0be933c4ee5e210d4c1909655ae1dbdb9c556cc8865b493eaf09db163679c54e656
-
SSDEEP
768:0lYhzJ2VQEFfLCUeQCuu6Mf39Y+RMRZOz4yM7gp/6lvVpT:0lYhzJ2VQEFf/2VYuAZOzNM7uyH
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20220812-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
superstarts.top
superlist.top
internetcoca.in
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Score
1/10