General

  • Target

    4924-135-0x0000000002210000-0x000000000221D000-memory.dmp

  • Size

    52KB

  • MD5

    381ec27156a9a5d1c0d911bfe026673f

  • SHA1

    45d2cf258912ab90f76ef091e0e4554088281d8c

  • SHA256

    1a2c590534207b212dfce097cfa7c484d0edd22e045c9979b4354dd75c1a2105

  • SHA512

    0137ace603ec6e7a77d70b2f9d24dc677f92b95df994704514cd3cbd0545fcb9f83a59e28ae9ccb1506748c4e69856e2b7cf767c43ab58127fe440669bdf18fe

  • SSDEEP

    768:4zIbqLDFaAQV/E4rgVQxyHIWfcBWCtEPQHrUTedMZhK3D1Gc:4cbqOV/EOgVQ2PfYhHrUSdMGD1Gc

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7713

C2


Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 4924-135-0x0000000002210000-0x000000000221D000-memory.dmp
    .dll windows x86
