Overview

overview

10

Static

static

10

1180-56-0x...ry.dll

windows7-x64

3

1180-56-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1180-56-0x0000000000300000-0x000000000030D000-memory.dmp

  • Size

    52KB

  • MD5

    f056e697ad71b4e576f58fc05256b3b6

  • SHA1

    12f7ded37b3bd178aa8748c2de2d368caf9a3045

  • SHA256

    2e2493f7a63c44c1f1cf931b2232130be73abbc30af15739fd4447d5a5919837

  • SHA512

    db953151b5bec3e8f6e8a4826ea759d0b782a55986cc70ddcf8db94b5d198dd20e036f6e53d323f5b26f76cc4d5e34ef2c39a6f7ee5e6713b77785efebb50700

  • SSDEEP

    768:GH0gMqVhhCz+2rS/w4SLNJzCHrBm5wKmE2jeg6+HQbdM2ihK3D1Gc:GdMqbsRS/wTLNWdm5Kp6+wbdMKD1Gc

Score
10/10
isfb7713gozi

Malware Config

Extracted

Family

gozi

Botnet

7713

C2

checklist.skype.com

62.173.142.51

94.103.183.153

193.233.175.111

109.248.11.145

31.41.44.106

191.96.251.201
Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1180-56-0x0000000000300000-0x000000000030D000-memory.dmp
    .dll windows x86


    Headers

    Sections