General
-
Target
3036-234-0x0000000001210000-0x000000000121E000-memory.dmp
-
Size
56KB
-
Sample
230216-l8v57agg2y
-
MD5
06e80bf92b613aeb179d57b7215ff313
-
SHA1
c96863142099200142d1cd5dac032f6d039c2857
-
SHA256
f5c4e67b910a76f650aa7b5bca6f3a04a084a77e032a6e5abd384eb7e4176d8a
-
SHA512
7d20e69aa13dcff4d99aaa2ae7b7e6b1e16c14661b846c2cfb654745aa6293e9044688018f90c9b06f07d5dd727b5b4aeeece5234309d9959d1e5bfbca7ea8fc
-
SSDEEP
768:sYkVEqodfoR4jInhpp55dWSlkiidEfUPJqBQPt04:sYqEqomR4jaDtmiuqURq
Behavioral task
behavioral1
Sample
3036-234-0x0000000001210000-0x000000000121E000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
3036-234-0x0000000001210000-0x000000000121E000-memory.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
gozi
Extracted
gozi
1001
https://checklist.skype.com
http://176.10.125.84
http://91.242.219.235
http://79.132.130.73
http://176.10.119.209
http://194.76.225.88
http://79.132.134.158
-
base_path
/microsoft/
-
build
250256
-
exe_type
loader
-
extension
.acx
-
server_id
50
Targets
-
-
Target
3036-234-0x0000000001210000-0x000000000121E000-memory.dmp
-
Size
56KB
-
MD5
06e80bf92b613aeb179d57b7215ff313
-
SHA1
c96863142099200142d1cd5dac032f6d039c2857
-
SHA256
f5c4e67b910a76f650aa7b5bca6f3a04a084a77e032a6e5abd384eb7e4176d8a
-
SHA512
7d20e69aa13dcff4d99aaa2ae7b7e6b1e16c14661b846c2cfb654745aa6293e9044688018f90c9b06f07d5dd727b5b4aeeece5234309d9959d1e5bfbca7ea8fc
-
SSDEEP
768:sYkVEqodfoR4jInhpp55dWSlkiidEfUPJqBQPt04:sYqEqomR4jaDtmiuqURq
Score3/10 -