General
-
Target
431c575587d9938ba31a73b4fdbef08b.bin
-
Size
169KB
-
Sample
230308-bkwrpsdc73
-
MD5
37bff9d0ee86197d5c27cc4257022086
-
SHA1
a26c5239cf59ca86d3c0174c54de6c0db86cc75f
-
SHA256
dd701fd4d477d8869e88c4432106862cc409af3f1c0dcec22dee4ff40fbb4e15
-
SHA512
48bc188dceebd4b23158abe9d5ad9ced409296c09c96d49f6ac938ab76e9aadd3e266fd01404772400ab68aa7670ff4101c3a38fffaad34e08dee7e1ecc499d4
-
SSDEEP
3072:c7MJ2gIGKcsUhGkMjz+E3F99Gq99ApG+amRmvGFNoW/Czq77GrG8Rora282yt/:c76Js/jL/939Ap7XmvGFNVarzZiyt/
Static task
static1
Behavioral task
behavioral1
Sample
236f2a9fcc1176a802946828029465d054626f92d258015f8abccdc52d2365e7.exe
Resource
win7-20230220-en
Malware Config
Extracted
gozi
7710
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
Target
236f2a9fcc1176a802946828029465d054626f92d258015f8abccdc52d2365e7.exe
-
Size
321KB
-
MD5
431c575587d9938ba31a73b4fdbef08b
-
SHA1
0b54adf6c018ab02f93b4faf68f64a7623d1b7b2
-
SHA256
236f2a9fcc1176a802946828029465d054626f92d258015f8abccdc52d2365e7
-
SHA512
f2ea2e130f33b896713c10d3fbd8572adb13815d12adb5d2ec13b631bf5e72d8072b89274aec9fec631beb57fae041b02d337b0046aec1e6c1274672e9d301da
-
SSDEEP
3072:WpuIWHR3foxLjSafmuaXZus/rutDMZDXvCXzdVKu6HR/ayjGZEOF:bH2xLjhmlDruWFXvSM9xaeE
-