General
Target: gozi.payload-disk
Size: 43KB
Sample: 230309-jpbw4abb97
MD5: 99f3bdae548f13df05abf52fdc664bd6
SHA1: 7dbaa568ffecabad7655d559fa29901bd7dae058
SHA256: f000742f91c25d08477ee7350a252ee79ede94380624086e6fc3dad058244aaa
SHA512: 75a2dcf85d1906d7c4517fec10f9b90bf9442fa57116c81b4d793fbdbda7dd35e3dc5e55e2e4f2fb6a63bca0a9904f59736aa80c1ce22b14142cff7427a5e023
SSDEEP: 768:N0gsqVXye2rS/Q4VYXQIVpCHlNBmQWGk2j+A6ewBvu7gpzhK3D1GcP:N9sq8S/QEYXQIVWlvmYp6ewNu7hD1GcP
Behavioral task: behavioral1
Sample: gozi.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: gozi.dll
Resource: win10v2004-20230220-en
Malware Config
Extracted
gozi
7712
checklist.skype.com
62.173.141.36
31.41.44.85
193.233.175.98
46.8.210.110
89.116.227.49
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: gozi.payload-disk
Score: 1/10