General

  • Target

    1380-135-0x00000000021E0000-0x00000000021ED000-memory.dmp

  • Size

    52KB

  • MD5

    85918133d3a7da696ea181c6b62b1212

  • SHA1

    577bc52d9bcc99f0f3503492e9231a1b490f96f3

  • SHA256

    d05d927c941002b7d7703b44eb51325283ce0a6ec0e3dddce86b6f4258ccc21f

  • SHA512

    2fbae9113e6ea5e85912e5debf8cd8e99a2b09e5fabf1ad623d0503e882c7784b8e41c5cb6b82c94e968413b9c89fbc2542d7ab6ea3495a50e6cb4284f5f0ff8

  • SSDEEP

    768:5EQAH8qFrgc+QxmjW/I4WIQR7GHzx2WZ23KNech/+QiqpijdMhhK3D1Gc:mBcq5+W/ILFRId2Wdhtiq8jdMeD1Gc

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  • Botnet

    7711

  • C2

    checklist.skype.com
    62.173.138.6
    89.117.37.146
    46.8.210.82
    89.116.227.15
    31.41.44.51

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

  • aes.plain

Signatures

Files

  • 1380-135-0x00000000021E0000-0x00000000021ED000-memory.dmp
    .dll windows x86