General

  • Target

    4508-135-0x00000000007C0000-0x00000000007CD000-memory.dmp

  • Size

    52KB

  • Sample

    230309-k1z9habf49

  • MD5

    23ae42f4d1b5f357ab43a7294cadbef2

  • SHA1

    5a52294f079aece2613299a4c7e7e72ce1d57f7a

  • SHA256

    30ed9e9358e2962f3bb713e99ed6fc9bb9028866cf2adb234d11149c00f96030

  • SHA512

    c7d7cec2fe7ffdb7145cd7efb6aab539ef3ad3fc29a47643d8237e14118919b02bde82cb319424f484f22eef4284cfdc19090f59d0acec89d95eddd733b49581

  • SSDEEP

    1536:thgqqdv+/oPcuvS1igB2Kok5dMqD1GcP:YqCCulS1iXm5dM01G

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7712

C2

checklist.skype.com

62.173.141.36

31.41.44.85

193.233.175.98

46.8.210.110

89.116.227.49

Attributes

  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

  • aes.plain

Targets

  • Target

    4508-135-0x00000000007C0000-0x00000000007CD000-memory.dmp

  • Size

    52KB

  • MD5

    23ae42f4d1b5f357ab43a7294cadbef2

  • SHA1

    5a52294f079aece2613299a4c7e7e72ce1d57f7a

  • SHA256

    30ed9e9358e2962f3bb713e99ed6fc9bb9028866cf2adb234d11149c00f96030

  • SHA512

    c7d7cec2fe7ffdb7145cd7efb6aab539ef3ad3fc29a47643d8237e14118919b02bde82cb319424f484f22eef4284cfdc19090f59d0acec89d95eddd733b49581

  • SSDEEP

    1536:thgqqdv+/oPcuvS1igB2Kok5dMqD1GcP:YqCCulS1iXm5dM01G

  Score
  3/10

MITRE ATT&CK Matrix

Tasks