General
Target: 1088-59-0x00000000001F0000-0x00000000001FE000-memory.dmp
Size: 56KB
Sample: 230309-mfn2vaag8t
MD5: 4bbc2b6ff50f6a8d035c68e53aada94c
SHA1: a6907fdbf79e2fac39c05439200380c4e1e66e60
SHA256: 3b419b1cfa6e33a78bbc8d083ae55c5517ccffa79372b758e9321598ba6290ab
SHA512: ddbd423eec57bd9d324983917f5f22223c866c479eaa23792bb9bcb489bc0da50b31f99a4d3c5c63fa2876b32743bd091633f36a44ce4e7bb4e395483edf8f76
SSDEEP: 768:A221W1xm3L4Tv0yC5PLHBjderMpEvpZi7/kMPWq9aky77XTm9:QMbm3L4Id5zHzeApsnI/eZDLI
Behavioral task: behavioral1
Sample: 1088-59-0x00000000001F0000-0x00000000001FE000-memory.dll
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: 1088-59-0x00000000001F0000-0x00000000001FE000-memory.dll
Resource: win10v2004-20230220-en
Malware Config
Extracted
gozi
5050
https://config.edge.skype.com
157.254.195.117
91.215.85.151
base_path: /jerry/
build: 250255
exe_type: loader
extension: .bob
server_id: 50
Targets
Target: 1088-59-0x00000000001F0000-0x00000000001FE000-memory.dmp
Score: 1/10