General
-
Target
3492-199-0x00000000009F0000-0x00000000009FE000-memory.dmp
-
Size
56KB
-
Sample
230217-bjwejsda67
-
MD5
b7166e793c39a50d810e374208e88554
-
SHA1
e172d66ade349d1d73534cabcd644285d2a20fff
-
SHA256
bdb95e23e6572c08ca3477af5fc1caf5cdaf63ea1e80a24756357ad5d74d60b8
-
SHA512
00919f5d79b4feec92f264a34186a5f3dd9411104d1a1eb9672d98777675924108beaa848f7c26ea34828f394e784fbaff8884156d7f46820ad5006d15f43bf9
-
SSDEEP
768:mGlo1gW5qoR4jInhpp55dWSlkiidEfUPJqBQPt04:pK1gWBR4jaDtmiuqURq
Behavioral task
behavioral1
Sample
3492-199-0x00000000009F0000-0x00000000009FE000-memory.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
3492-199-0x00000000009F0000-0x00000000009FE000-memory.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
gozi
1001
-
base_path
/microsoft/
-
build
250256
-
exe_type
loader
-
extension
.acx
-
server_id
50
Targets
-
-
Target
3492-199-0x00000000009F0000-0x00000000009FE000-memory.dmp
Score 3/10