General
-
Target
1636-56-0x00000000002C0000-0x00000000002CD000-memory.dmp
-
Size
52KB
-
Sample
230308-h3nx5see92
-
MD5
e7e1f3b0568e9d36b452b5a60a312802
-
SHA1
380bea05b895e00b6c6e1d47bb3f401ca8ade23f
-
SHA256
aed31acce03b52d766b503af99bae4dabf854af832fcf91103614120da300a9b
-
SHA512
1ea4bc0a9b30d341d891816d69f53132837246fc854b1b5a7fc33b1f02b84ef84f6c8afe0a64df8c82a920462babb18d5841b3753d34b8a50b8c2382f9c64b9b
-
SSDEEP
1536:uxQq9uu/oEkb1LOVSxM5hm6IkdMKD1Gc:jqje1iVSxMuydMU1G
Behavioral task
behavioral1
Sample
1636-56-0x00000000002C0000-0x00000000002CD000-memory.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1636-56-0x00000000002C0000-0x00000000002CD000-memory.dll
Resource
win10v2004-20230221-en
Malware Config
Extracted
gozi
7711
checklist.skype.com
62.173.138.6
89.117.37.146
46.8.210.82
89.116.227.15
31.41.44.51
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1636-56-0x00000000002C0000-0x00000000002CD000-memory.dmp
Score
3/10