General

  • Target

    2008-56-0x00000000002C0000-0x00000000002CD000-memory.dmp

  • Size

    52KB

  • MD5

    13cbe5cd31ce3da486b4d6dc682cbe8c

  • SHA1

    4001109557fec6dbc931c9f1a0d9736c9abe2ed1

  • SHA256

    2b6f3e7762fbe63d6b6f104c4936b2fdfa455a65c1ef0c5ddfdaba7596ad8fdb

  • SHA512

    b780202a98a9a62375c3eba92539bfe1c08dcfb317479b1325cf926118f92f433b5a9b9ca978973fbc9510941d9c0e3801ea68e9a780081620f381eeb0ea45d7

  • SSDEEP

    1536:mxQq9uu/oEkb1LOVSxM5hm6IbcdMKD1Gc4d:rqje1iVSxMuudMU1G9d

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7710

C2

checklist.skype.com

62.173.140.103

31.41.44.63

46.8.19.239

185.77.96.40

46.8.19.116

31.41.44.48

62.173.139.11

62.173.138.251

Attributes

  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 2008-56-0x00000000002C0000-0x00000000002CD000-memory.dmp

    .dll windows x86

    Headers

    Sections