General
Target: 640a1fe083711[1].tar.zip
Size: 359KB
Sample: 230309-xa6ptahf87
MD5: d638fa0ac510220859a7ed9eb7b1abde
SHA1: 17d07f18fa9982556364a3bfc8937b2a548a73f7
SHA256: f7ecbe51adcdb9d89535b9a5bbfa0be08867eeaa0b12cf7f43f66d797a909741
SHA512: 9ca8e9156c73813013e71ab69eec040dc8cf08b716c6b6e7694203d3c86b1c7cdd0aa3f2d47896a32f20bc3a5efe1d8e367d986025bb408c91b194767b1004d1
SSDEEP: 6144:Yh47alh1NTLXSEhbK2P1ZbTTXB831hwArT8+s+FvwGyYaCSYmM0HWgwAJIZdUrB5:mia5FTSeK2P1d3ec4XsU9JdSYJ0HWgBr
Static task: static1
Behavioral task: behavioral1
Sample: 640a1fe083711[1].dll
Resource: win7-20230220-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
https://config.edge.skype.com
157.254.195.117
91.215.85.151
base_path: /jerry/
build: 250255
exe_type: loader
extension: .bob
server_id: 50
Targets
Target: 640a1fe083711[1].tar
Size: 670KB
MD5: bbcc8ce7492115e5970d0b47f9432f07
SHA1: 9514f33b0e0ce4814c422c754f5181a9337b6d4b
SHA256: 715cd8f5ce329b92ed0361a50ce7cc90e7b34746380542c040b85d09d3a4fcff
SHA512: 399b533f25317f0a83cc585929768908cbd09eff7a83a99afc2aa975b8a3dde2d02c450b6f5911ef2cff0ad9998673629fff0e59e6f562c0f49913611b0059fe
SSDEEP: 12288:fcmMRzyQI3Ng+k+f1EuzWrlKkI3I6SZk95VnedDBJhx0W:NMR+93k82uyr0zIfrD