General
-
Target
3488164.iso
-
Size
556KB
-
Sample
220826-kxqwnabbc4
-
MD5
f7d85c971e9604cc6d2a2ffcac1ee4a3
-
SHA1
67175143196c17f10776bdf5fbf832e50a646824
-
SHA256
e999890ce5eb5b456563650145308ae837d940e38aec50d2f02670671d472b99
-
SHA512
71bd76baf1226f74423d942eed2c436e808e1196ac88e17af3262c800b0d1cb1bcc09cb8253de9629160d786cb77224621c4ac4989c264c12dd87c872032aa78
-
SSDEEP
12288:aROUwJHGYTZhVyYtmNNEw2nSl5rrPZh5MxOKRgEk:akHJHGYPwPEPSlZZh5MxnBk
Static task
static1
Behavioral task
behavioral1
Sample
6570872.lnk
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
6570872.lnk
Resource
win10v2004-20220812-en
Behavioral task
behavioral3
Sample
me/123.exe
Resource
win7-20220812-en
Behavioral task
behavioral4
Sample
me/123.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
me/alsoOne.bat
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
me/alsoOne.bat
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
me/canWell.js
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
me/canWell.js
Resource
win10v2004-20220812-en
Behavioral task
behavioral9
Sample
me/itsIt.dll
Resource
win7-20220812-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
superstarts.top
superlist.top
internetcoca.in
193.106.191.163
-
base_path
/drew/
-
build
250240
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
6570872.lnk
-
Size
1KB
-
MD5
c6b605a120e0d3f3cbd146bdbc358834
-
SHA1
328afa8338d60202d55191912eea6151f80956d3
-
SHA256
16323b3e56a0cbbba742b8d0af8519f53a78c13f9b3473352fcce2d28660cb37
-
SHA512
221792719ac73861dd574c9e9fa3c2cd64c0f409e493768f37c2a75ce4c0671c5d72aa2ef89aef71c91723fe40ff1f45636200193d7c059fc33df94898fbcb61
Score 3/10
-
-
Target
me/123.com
-
Size
60KB
-
MD5
d0432468fa4b7f66166c430e1334dbda
-
SHA1
f72d978f4d1ca1c435b1164e7617464cc06a9381
-
SHA256
7d99c80a1249a1ec9af0f3047c855778b06ea57e11943a271071985afe09e6c2
-
SHA512
c6db867f1a240b0524d5854516d36bedf220f256ca0bde5f3529586e83dd52b5ecd4e1e1b89b54f67b117879deb2d51310e9151b3c29836de99f7ae89e24da69
-
SSDEEP
768:pxwG48P6ESdJHC4F8t1gkXDXmekVZRNbSEln5IyYpamDjobj8SSa:n942hIpitWumbZR/ln5IUmDjoXb
Score 1/10
-
-
Target
me/alsoOne.bat
-
Size
75B
-
MD5
c03f5e2bc4f2307f6ee68675d2026c82
-
SHA1
4ce65da98f0fd0fc4372b97b3e6f8fbeec32deb3
-
SHA256
6a9b7c289d7338760dd38d42a9e61d155ae906c14e80a1fed2ec62a4327a4f71
-
SHA512
9226d19ba2bb0a196fe8dc2e45e40e46acbd1674e0a3469eb0f1da3fc9f488fd11042e9493c1d3d3925e2cc0e5bf33ee1d167e684a34f5c07bdb3ca36d69efd8
Score 1/10
-
-
Target
me/canWell.js
-
Size
389B
-
MD5
6bb867e53c46aa55a3ae92e425c6df91
-
SHA1
6d4f1a9658baccd2e406454b2ad40ca2353916ab
-
SHA256
5b51bd2518ad4b9353898ed329f1b2b60f72142f90cd7e37ee42579ee1b645be
-
SHA512
4a1a0a4fd5a9c48f56ea58a40eccb65470a81852ae2a3a5511608e3af4818b8265510e85367126b1dc1d63825cb038fa266bd7f52d0fecaa845e060f202554ad
Score 1/10
-
-
Target
me/itsIt.db
-
Size
351KB
-
MD5
60375d64a9a496e220b6eb1b63e899b3
-
SHA1
d1b2dd93026b83672118940df78a41e2ee02be80
-
SHA256
8e570e32acb99abfd0daf62cff13a09eb694ebfa633a365d224aefc6449f97de
-
SHA512
94dd11ffac54db7301572688958a7e8c0a8486a614370dc5e78a0148c31bfbdc856dc8313ea8b06e0ed6d7e57b45e649af72bba56723b96e1269dfec5e0dcc5f
-
SSDEEP
6144:S5UwskH5M4JuJAGEshm9uu7tDC/vjalCX6hBydwErnZJ2hVmv3Itrfq/mENG1w2O:oUwJHGYTZhVyYtmNNEw2nSl5rrPZh5Mx
-