General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
230308-h5fpjsef22
-
MD5
e12d09d7f5bc156c651ad31508626593
-
SHA1
afdbc23b99f31640b473772dc1db24ffc9ed61a9
-
SHA256
5bd64a7b018db5b4538d8077ad7a50871dc6c5682a1f151cc5e8a42673e4384f
-
SHA512
2c60802a1c448e3cbbaee2a99744abbbc008ac8ba369beb1c0728629b93f78e587dea542b1c1556f0be203863fdcb3abe0094b0cc08ccf4c4324ff43914ace00
-
SSDEEP
768:5c0gsqVXye2rS/Q4VYXQIVpCHlNBmQWGk2j+A6ewBvu7gpzhK3D1Gc:+9sq8S/QEYXQIVWlvmYp6ewNu7hD1Gc
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20230220-en
Malware Config
Extracted
gozi
7711
checklist.skype.com
62.173.138.6
89.117.37.146
46.8.210.82
89.116.227.15
31.41.44.51
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
Target
gozi.payload-disk
Score
1/10