General
-
Target
2716-234-0x0000000001130000-0x000000000113E000-memory.dmp
-
Size
56KB
-
Sample
230216-ll3azsgh78
-
MD5
e3190c8781621a97fcab1d95bd970518
-
SHA1
062715bdcce83d2aa5eef1dcdac5ab92c16651a8
-
SHA256
7084f33035eba00cba4ac5dcb7a2865cb4d1ec030d227a775fadb9bd27797c4e
-
SHA512
0aad3d7079f3ccd97687de41af72bcc14cb72ed3f0e82a1b153c82218201310f960c085a32f5c3ccd06712f8cfeb9109665f22bbe265b88ce6e5dfb13e012fd7
-
SSDEEP
768:1ufLCqkEg+oR4jInhpp55dWSlkiidEfUPJqBQPt04:1mCqklR4jaDtmiuqURq
Behavioral task
behavioral1
Sample
2716-234-0x0000000001130000-0x000000000113E000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
2716-234-0x0000000001130000-0x000000000113E000-memory.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
gozi
1001
-
base_path
/microsoft/
-
build
250256
-
exe_type
loader
-
extension
.acx
-
server_id
50
Targets
Score
3/10