General
-
Target
4344-238-0x00000000005D0000-0x00000000005DE000-memory.dmp
-
Size
56KB
-
Sample
230216-pr4b1shb5w
-
MD5
9171cf6ed5c7365e12ae9d696f4886eb
-
SHA1
ce228c1a5cbb0e5ee8e5947df4e9cf3f6be1149a
-
SHA256
88a6d5f37a6c521171b558e02c784554e7af7c4f86fb5ba0d0630bf7cdae9383
-
SHA512
dc4953b42e0486c8033ab189bc41851f208666c9e46b388fbf82a9a52d712b8f5d418128b1a1efeca6bd6ccc0c790bb0223862ebd11c06796d599e633c00347a
-
SSDEEP
768:ljqfc+ntoR4jInhpp55dWSlkiidEfUPJqBQPt04:l+fc+uR4jaDtmiuqURq
Behavioral task
behavioral1
Sample
4344-238-0x00000000005D0000-0x00000000005DE000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
4344-238-0x00000000005D0000-0x00000000005DE000-memory.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
gozi
Extracted
gozi
1001
https://checklist.skype.com
http://176.10.125.84
http://91.242.219.235
http://79.132.130.73
http://176.10.119.209
http://194.76.225.88
http://79.132.134.158
-
base_path
/microsoft/
-
build
250256
-
exe_type
loader
-
extension
.acx
-
server_id
50
Targets
-
-
Target
4344-238-0x00000000005D0000-0x00000000005DE000-memory.dmp
-
Size
56KB
-
MD5
9171cf6ed5c7365e12ae9d696f4886eb
-
SHA1
ce228c1a5cbb0e5ee8e5947df4e9cf3f6be1149a
-
SHA256
88a6d5f37a6c521171b558e02c784554e7af7c4f86fb5ba0d0630bf7cdae9383
-
SHA512
dc4953b42e0486c8033ab189bc41851f208666c9e46b388fbf82a9a52d712b8f5d418128b1a1efeca6bd6ccc0c790bb0223862ebd11c06796d599e633c00347a
-
SSDEEP
768:ljqfc+ntoR4jInhpp55dWSlkiidEfUPJqBQPt04:l+fc+uR4jaDtmiuqURq
Score3/10 -