General

  • Target

    1636-56-0x00000000002C0000-0x00000000002CD000-memory.dmp

  • Size

    52KB

  • Sample

    230308-h3nx5see92

  • MD5

    e7e1f3b0568e9d36b452b5a60a312802

  • SHA1

    380bea05b895e00b6c6e1d47bb3f401ca8ade23f

  • SHA256

    aed31acce03b52d766b503af99bae4dabf854af832fcf91103614120da300a9b

  • SHA512

    1ea4bc0a9b30d341d891816d69f53132837246fc854b1b5a7fc33b1f02b84ef84f6c8afe0a64df8c82a920462babb18d5841b3753d34b8a50b8c2382f9c64b9b

  • SSDEEP

    1536:uxQq9uu/oEkb1LOVSxM5hm6IkdMKD1Gc:jqje1iVSxMuydMU1G

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7711

C2

checklist.skype.com

62.173.138.6

89.117.37.146

46.8.210.82

89.116.227.15

31.41.44.51

Attributes

  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

  • aes.plain

Targets

    • Target

      1636-56-0x00000000002C0000-0x00000000002CD000-memory.dmp

    • Size

      52KB

    • MD5

      e7e1f3b0568e9d36b452b5a60a312802

    • SHA1

      380bea05b895e00b6c6e1d47bb3f401ca8ade23f

    • SHA256

      aed31acce03b52d766b503af99bae4dabf854af832fcf91103614120da300a9b

    • SHA512

      1ea4bc0a9b30d341d891816d69f53132837246fc854b1b5a7fc33b1f02b84ef84f6c8afe0a64df8c82a920462babb18d5841b3753d34b8a50b8c2382f9c64b9b

    • SSDEEP

      1536:uxQq9uu/oEkb1LOVSxM5hm6IkdMKD1Gc:jqje1iVSxMuydMU1G

    Score
    3/10

MITRE ATT&CK Matrix

Tasks