General
-
Target
1476-175-0x00000000007F0000-0x00000000007FE000-memory.dmp
-
Size
56KB
-
Sample
230217-jkknfaed23
-
MD5
5bd62e5885e8399dcbad3dedde07a7ec
-
SHA1
b323d3a063f01c26770fb95b9d422f60e0103dc2
-
SHA256
e4b9e72a34275209d85ed6b7caf1c3215ffec38a059059b30c91b67178d15eaf
-
SHA512
0baa3a6746398540bb238543e787e306a605c12f778a7fddf8a23c59961c0860b3d2d977bf7da1edbe40e0d1e5f1b92dd40d18e12a68c27846c57e3a7308bd92
-
SSDEEP
768:pFIVgW9QoR4jInhpp55dWSlkiidEfUPJqBQPt04:pKVgWPR4jaDtmiuqURq
Behavioral task
behavioral1
Sample
1476-175-0x00000000007F0000-0x00000000007FE000-memory.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
1476-175-0x00000000007F0000-0x00000000007FE000-memory.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
gozi
1001
-
base_path
/microsoft/
-
build
250256
-
exe_type
loader
-
extension
.acx
-
server_id
50
Targets
-
-
Target
1476-175-0x00000000007F0000-0x00000000007FE000-memory.dmp
-
Score
3/10