General
Target: server.exe
Size: 321KB
Sample: 230309-sre6zabh7x
MD5: 97fb58dffaa57c59301b9680f331a3c7
SHA1: 6cd4f85a01c230ebc8feecddaf58e9d605beab2f
SHA256: 957b7f7039ef6b3c84f374b6b602466cb196e50e477a37e012423b7a9d72aa7f
SHA512: 2ff2472b40571103eb3df3060099258dc89e47bcbf460d4c1107f61010596a269c20cb7d143ea362c00533edd211694fa690337407c7851de1305811981599d9
SSDEEP: 3072:CLuI+rRtX63Lz0a/qCaBjus/kMuUQ1GwINU77sDm/lG3bWphFHtUyCXC/OF:Jra3Lzjq/hkhtgUnsa/liSVtTe
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7710
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50