General

  • Target

    3088-135-0x00000000006A0000-0x00000000006AD000-memory.dmp

  • Size

    52KB

  • MD5

    2a00a4c094baa1c691688f81cdf1635a

  • SHA1

    52be66c9b22b2972d3682bc8b3ffae9e5a70e73a

  • SHA256

    fac5a0be0a72edaf20c56d5016c6be461b3519e53082220eb2bdd80c4d32f7d7

  • SHA512

    160ad6d639c33d224823ad7e8a6c814a47d6422ba994df1bf8c46dc89fd45fd74c3fd6e942b82214aca16987b2f219a34da3686d5707f1840c240b25c308bd87

  • SSDEEP

    768:uyEiqMD4KFSjYWf2RM/U4o7PCHFHM+hfBq6AkxQ4YILQH36dMdhK3D1Gc:uriqsM/UV74hM+HxRYILQqdM6D1Gc

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  • Botnet

    7713

  • C2

    checklist.skype.com

    62.173.142.51

    94.103.183.153

    193.233.175.111

    109.248.11.145

    31.41.44.106

    191.96.251.201

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 3088-135-0x00000000006A0000-0x00000000006AD000-memory.dmp
    .dll windows x86
