General

  • Target

    3100-135-0x00000000021E0000-0x00000000021ED000-memory.dmp

  • Size

    52KB

  • MD5

    933e139e2413c29e3eab9c4364f9dd9f

  • SHA1

    d434e993f45e45638ceb6d268c11ddb060c41904

  • SHA256

    3ebc9758d14cac0bd35277ca275c078eba9222784270b19f10da269295ab192c

  • SHA512

    c990947aaa30dc15076fd799fd1c05eba51c023c0a0935233f764bf9199f871dc91bdf281423681eb3824435543e97b6836bf74aa29c5063863f0581cc322700

  • SSDEEP

    768:5EQAH8qFrgc+QxmjW/I4WIQR7GHzx2WZ23KNech/+Qiqpi6dMhhK3D1Gc:mBcq5+W/ILFRId2Wdhtiq86dMeD1Gc

Score

10/10

Malware Config

Extracted

Family

gozi

Botnet

7711

C2

checklist.skype.com

62.173.138.6

89.117.37.146

46.8.210.82

89.116.227.15

31.41.44.51

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 3100-135-0x00000000021E0000-0x00000000021ED000-memory.dmp
    .dll windows x86
    Headers

    Sections