General
Target: 4912-237-0x00000000001E0000-0x00000000001ED000-memory.dmp
Size: 52KB
Sample: 230216-jz9acagc6y
MD5: 702a3d52c7825da6e386b6b8ac9509af
SHA1: 262df104deeec93cab04bd29ac4776c6f7d61b90
SHA256: 9bf0c8bff7c6dfd19d717fcc821fc0c753c3b758fe6b75bb3c85b9040f18d932
SHA512: 3640db29dba66ee78c7a69cd014385218cab2ad6524cd05b93e5f7cb63d17c525dfec4825e78d4b0a8f1e8954bbcbc9495b9b0ace63b4c7a4b96a7967bcd8484
SSDEEP: 768:5refh72T8ejiuQpIjjQZsj9Zp0ywxPy46tYRNjtll09CsPhc/1d4coqZ:he5UiFpyys/p0Fxq46tYR5l0UsPy/AQ
Behavioral task: behavioral1
Sample: 4912-237-0x00000000001E0000-0x00000000001ED000-memory.dll
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: 4912-237-0x00000000001E0000-0x00000000001ED000-memory.dll
Resource: win10v2004-20220812-en
Malware Config
Extracted
gozi
1001
base_path: /microsoft/
build: 250256
exe_type: loader
extension: .acx
server_id: 50
Targets
Target: 4912-237-0x00000000001E0000-0x00000000001ED000-memory.dmp
Score: 3/10