Overview

overview

10

Static

static

10

4524-135-0...ry.dll

windows7-x64

3

4524-135-0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4524-135-0x0000000002CF0000-0x0000000002CFD000-memory.dmp

  • Size

    52KB

  • MD5

    485698be0dde1f85dd239afa3c035e1c

  • SHA1

    d1471cdbefde661f1e29c60eccb7f88ee6887546

  • SHA256

    70156c5b033f19f4982d3064eabe68441d6128b22ef6c8e7119a53c001c7507a

  • SHA512

    91bcc94660b2544a760dbd844bd659ad60c6378fc4b3fe76cb4c1944154e5b6071a72c20cc51d46591bcdd5ce01c0e7afcbfcd4844be9a00006bc41cd43eb648

  • SSDEEP

    768:vpspqvzvGcev/I4hCuSHqcTBoBjSVvoraBod/V4972dMJ7hK3D1Gc:vqpqiv/IoCrntxveRd/V072dMOD1Gc

Score
10/10
isfb7709gozi

Malware Config

Extracted

Family

gozi

Botnet

7709

C2

checklist.skype.com

62.173.141.252

31.41.44.33

109.248.11.112
Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 4524-135-0x0000000002CF0000-0x0000000002CFD000-memory.dmp
    .dll windows x86


    Headers

    Sections