General
Target: server.exe
Size: 185KB
Sample: 230308-y5jzzagh27
MD5: 8471983647373e0bbf28b42cbeef05cd
SHA1: b96e96b206aa49c958f1f72faa9c94836ba40ee8
SHA256: bb426461ef70ffd601cb64a687c62edda066b99a79e49d880918300da5eb6548
SHA512: cab6f5f63b48ddd51447ac76219a222937810a7d9be85e886817cada7d8d90087ab32d8dae347c298784d72ca8ca22f415ec718738019839f81f765bb83a583c
SSDEEP: 3072:99TF8soKOiplAtOJy6xOAOwk+JpWV9I7C+vaaTqF:R7ojip5DOwk+JpWV9oCua7
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted: gozi
7711
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50