General

  • Target

    2584-135-0x0000000002D80000-0x0000000002D8D000-memory.dmp

  • Size

    52KB

  • MD5

    35784e4148c8123ab6350fd547f707cb

  • SHA1

    ab1328ef32d64d4c0280ccec867e18c102b54e91

  • SHA256

    e8bf04060930c079b23d7e221fab7876fd737c0c5d51cb4add878f07be47307f

  • SHA512

    684647f697e1047006f3b8ae97f9b13620e16df9da0f00f9e1f298f219fa7d7f96db255188716efbdc48496fd526f80dfda9e1b93027d0dab2c45595cbc126e9

  • SSDEEP

    768:p8W4k2qVDnskVGtk/E43YCst5+H5LIISOvwUZEYvUIlOKdMxhK3D1Gc:p8WV2qRqk/EmY7wpIgN8IAKdMOD1Gc

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7709

C2

checklist.skype.com

62.173.141.252

31.41.44.33

109.248.11.112

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

    (key material extracted, value not reproduced in this report)

  • aes.plain

    (key material extracted, value not reproduced in this report)
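The extracted config above is the part of this report a defender acts on: the four C2 hosts, the base_path and extension that shape the beacon URLs, and the botnet/build identifiers. The following is an added example (not part of the sandbox report and not the sandbox's or the malware family's own code) that turns those values into a small hunting script: it checks that the dump-file name is consistent with the stated size, then scores constructed proxy-log lines against the C2 list. Assumptions, all mine and not stated on the page: the dump name follows the pattern <pid>-<n>-0x<start>-0x<end>-memory.dmp; beacon URLs take the shape http://<host>/drew/<token>.jlk (the conventional reading of base_path and extension in ISFB-family configs); checklist.skype.com is a legitimate Microsoft host that such configs commonly carry as a connectivity check rather than a real C2, so a hit on it alone is treated as low confidence; and the proxy-log format "timestamp client method url" is invented for the sample.

```python
"""Hunting helper built from the Gozi config extracted on this page.

Added example, not part of the sandbox report. The C2 hosts, base_path,
extension and dump-file name are copied from the page; the proxy-log format,
the beacon-URL shape and the decoy-host assumption are my own.
"""
import re
from urllib.parse import urlparse

# Copied from the extracted config on the page.
C2_HOSTS = {
    "checklist.skype.com",
    "62.173.141.252",
    "31.41.44.33",
    "109.248.11.112",
}
BASE_PATH = "/drew/"
EXTENSION = ".jlk"

# Assumption: the first entry is a legitimate Microsoft host that ISFB-family
# configs commonly carry as a connectivity check. Score it low on its own so
# it does not end up on a blocklist and cause false positives.
DECOY_HOSTS = {"checklist.skype.com"}

# Assumption: sandbox dump names follow <pid>-<n>-0x<start>-0x<end>-memory.dmp
DUMP_NAME_RE = re.compile(
    r"^(?P<pid>\d+)-(?P<seq>\d+)-0x(?P<start>[0-9a-fA-F]+)"
    r"-0x(?P<end>[0-9a-fA-F]+)-memory\.dmp$"
)


def parse_dump_name(name):
    """Split a dump-file name into pid, start, end and region size in bytes.

    Returns None when the name does not follow the assumed pattern.
    """
    m = DUMP_NAME_RE.match(name)
    if not m:
        return None
    start, end = int(m["start"], 16), int(m["end"], 16)
    return {"pid": int(m["pid"]), "start": start, "end": end, "size": end - start}


def classify_url(url):
    """Score one URL against the config.

    'high'   : C2 host plus the assumed /drew/<token>.jlk beacon shape
    'medium' : C2 IP contacted but the path shape differs
    'info'   : only the decoy host was touched
    None     : no match
    """
    p = urlparse(url)
    host = (p.hostname or "").lower()
    if host not in C2_HOSTS:
        return None
    beacon_shape = (
        p.path.startswith(BASE_PATH)
        and p.path.endswith(EXTENSION)
        and len(p.path) > len(BASE_PATH) + len(EXTENSION)
    )
    if beacon_shape:
        return "high"
    if host in DECOY_HOSTS:
        return "info"
    return "medium"


def hunt(lines):
    """Run classify_url over 'timestamp client method url' proxy-log lines.

    Returns [(client, url, severity)] for the lines that matched.
    """
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) < 4:
            continue  # malformed line: skip rather than crash the hunt
        client, url = parts[1], parts[3]
        sev = classify_url(url)
        if sev:
            hits.append((client, url, sev))
    return hits


# Constructed sample log lines (not from the report) in the assumed format.
SAMPLE_PROXY_LOG = [
    "2024-01-01T10:00:01Z 10.0.0.5 GET http://62.173.141.252/drew/Y2xpZW50.jlk",
    "2024-01-01T10:00:02Z 10.0.0.5 GET http://checklist.skype.com/",
    "2024-01-01T10:00:03Z 10.0.0.7 GET https://www.example.com/index.html",
    "2024-01-01T10:00:04Z 10.0.0.9 POST http://31.41.44.33/drew/abc.jlk",
    "2024-01-01T10:00:05Z 10.0.0.9 GET http://109.248.11.112/other/x.txt",
]

if __name__ == "__main__":
    info = parse_dump_name(
        "2584-135-0x0000000002D80000-0x0000000002D8D000-memory.dmp"
    )
    print(f"pid={info['pid']} region={info['size']} bytes ({info['size'] // 1024} KB)")
    for client, url, sev in hunt(SAMPLE_PROXY_LOG):
        print(f"{sev:6} {client} {url}")
```

The region size recovered from the name (0x2D8D000 - 0x2D80000 = 0xD000 bytes) agrees with the 52KB listed under General, which is the sanity check worth doing before trusting the hashes: they are hashes of this dumped region, not of the original dropper or DLL on disk, so they will not match the sample as delivered. When feeding the C2 list into blocking, keep the decoy host out and block only the three IPs; the "medium" tier catches traffic to a C2 IP that does not use the configured path, which is still worth an alert because the path and extension can change between builds while the infrastructure stays.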

Signatures

Files

  • 2584-135-0x0000000002D80000-0x0000000002D8D000-memory.dmp
    .dll windows x86
