General
-
Target
98b31a7e9193977309bfa77739d0aa29.bin
-
Size
168KB
-
Sample
230308-bxdfwsdd52
-
MD5
fd2bcc3c40d1449a76821601dfc623e1
-
SHA1
1fe007746f67ee3e2d1340854bceedcd8a53ade4
-
SHA256
365a88a175ad9bf189702a88df2b70f297aeda7fa5cda861665533b315b36d5e
-
SHA512
498150ad492fa92816062a4ab15b67ea21353c3fc8932ecdaf1ec90bf8aba2d008e51f652ed1d4206dd4251454b82b1726b1b536f987dd488c14e61686244266
-
SSDEEP
3072:Oo9C9p7EVVGxML3qBESRTncDk6qV1jqlUjT3tJgq79zZlDMCAcfSZBCzy4iW4Q:9srEX53gNcTEqlOTF79zZlJbSZBCzQWR
Static task
static1
Behavioral task
behavioral1
Sample
ad738ad2b402c8918bdfcf0b90c9d3aad7802a62cea735d522351bca5bf8d1d7.exe
Resource
win7-20230220-en
Malware Config
Extracted
gozi
7710
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
Target
ad738ad2b402c8918bdfcf0b90c9d3aad7802a62cea735d522351bca5bf8d1d7.exe
-
Size
321KB
-
MD5
98b31a7e9193977309bfa77739d0aa29
-
SHA1
2b0e4c6ff0448e9ca370b456e2522a175f0cbdc6
-
SHA256
ad738ad2b402c8918bdfcf0b90c9d3aad7802a62cea735d522351bca5bf8d1d7
-
SHA512
0b062e09f79990e65c26668c8b3a58b203aa05da53cc53c2db6010f034ade4f88bb42b260ba7af7f7a32279b7de3496b6aa8abae6a5421e13468cac97c7ec3de
-
SSDEEP
3072:9I669inLJ1MYFsZaznV7dSYXnGqyQxkTw03GWvmb6MRi/4OJdL0KY9e5fT:i6XnLXLsZMTX7yBw03LEDr