General
Target: server.exe
Size: 265KB
Sample: 230307-xj7y8sag5w
MD5: e300e7c359c3792e263a1de5dfeb6040
SHA1: 4951349e2d0112fdb7475ac9dfe9825096b972ba
SHA256: 0c1d1a60a0fc143c9fc830be48c53d488b414921cf4d97d66466ff2a628d1b4d
SHA512: 06a89e44f3864a333d0775436910017e4b953f5af501b3c7f9ce969005854c59371c0a776d0a2fac3bfb853e04b6eed5d86f9eeb6c18996c91f1cb7289c64736
SSDEEP: 3072:YiTkTkLBIs1teAyoa09He+O1OcNI9ZFFbzeAlWNwqBO8DdrFFtI4eZov:YhILvPenLb5NI9ZFFneK6/rFLI4eZu
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7710
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50