General

  • Target

    460-135-0x00000000048B0000-0x00000000048BD000-memory.dmp

  • Size

    52KB

  • MD5

    d361122fb6d57ff5d030ce4ecaaab4d2

  • SHA1

    ccdba66034a9d6967ca31b4eb7a21740b621f9db

  • SHA256

    c8cae77fbb5bba9ffc180bf2eeddc89ccaa6531f0ee9bb13c6854ffcc7cafb25

  • SHA512

    91ec0075ea3759fa1b8451a5af64140f04e93ddd529344fae2b876c87a844c2a717bafc42978e54874f3f077950efb03fb3159bd919181fb6c19852d1cd51ba9

  • SSDEEP

    768:Nzcrq/f1evfsg5/Y4DgsWHIeHPoOa/90nUjfY/4dMBbhK3D1Gch:NQrqwD5/YagZjHPk5jfYwdMWD1Gc

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7714

C2

checklist.skype.com

5.44.43.17

31.41.44.108

62.173.138.213

109.248.11.174

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

  • aes.plain
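The configuration above gives a blocklist (the C2 entries) and, through base_path and extension, the shape of the loader's check-in URI. The following hunting helper is an added example, not part of this report or the sandbox's output. It copies the extracted values verbatim and assumes the ISFB/Gozi convention that check-in requests are built as base_path + encoded blob + extension (the blob may itself contain slashes); the proxy log format and the sample lines are constructed. It also treats checklist.skype.com as a legitimate Microsoft host that should not go on a blocklist, since Gozi configs are known to mix such domains in with real servers; traffic to it is hunted by URI shape only.

```python
"""Hunting helper built from the Gozi config extracted in this report (added example)."""
import re
from typing import Dict, Iterable, List

# Values copied from the Malware Config section of this report.
GOZI_CONFIG: Dict = {
    "family": "gozi",
    "botnet": "7714",
    "build": "250255",
    "server_id": "50",
    "base_path": "/drew/",
    "extension": ".jlk",
    "c2": [
        "checklist.skype.com",
        "5.44.43.17",
        "31.41.44.108",
        "62.173.138.213",
        "109.248.11.174",
    ],
}

# Analyst judgement (not stated on the page): checklist.skype.com is a Microsoft
# domain. Blocking it breaks Skype for every user, so it is excluded from the
# blocklist and only the beacon URI pattern is used to hunt traffic to it.
LEGITIMATE_HOSTS = {"checklist.skype.com"}


def blocklist(config: Dict = GOZI_CONFIG) -> List[str]:
    """C2 entries that are safe to block outright."""
    return [h for h in config["c2"] if h not in LEGITIMATE_HOSTS]


def uri_pattern(config: Dict = GOZI_CONFIG) -> "re.Pattern[str]":
    """Regex for the beacon URI.

    Assumption (ISFB convention, not stated on the page): requests look like
    <base_path><encoded blob><extension>, where the blob may contain '/', and
    an optional query string may follow.
    """
    return re.compile(
        r"^"
        + re.escape(config["base_path"])
        + r"[^\s?]+"
        + re.escape(config["extension"])
        + r"(?:\?\S*)?$"
    )


def find_beacons(lines: Iterable[str], config: Dict = GOZI_CONFIG) -> List[Dict[str, str]]:
    """Scan proxy log lines of the constructed form
    '<ts> <client> <method> <host> <path> <status>' and return hits.

    A hit is traffic to a blocklisted C2 host, a URI matching the beacon pattern
    regardless of host (catches rotated C2 and the legitimate-looking entry), or both.
    """
    block = set(blocklist(config))
    pat = uri_pattern(config)
    hits: List[Dict[str, str]] = []
    for line in lines:
        parts = line.split()
        if len(parts) != 6:
            continue  # malformed line: skip rather than abort the whole scan
        ts, client, _method, host, path, _status = parts
        reasons = []
        if host in block:
            reasons.append("c2_host")
        if pat.match(path):
            reasons.append("beacon_uri")
        if reasons:
            hits.append({"ts": ts, "client": client, "host": host,
                         "path": path, "reason": "+".join(reasons)})
    return hits


# Constructed sample log lines (not from the report) covering each case.
SAMPLE_LOG = [
    "2024-01-01T10:00:01 10.0.0.5 GET 5.44.43.17 /drew/aB3xQ9/K2m.jlk 200",        # IP C2 + beacon URI
    "2024-01-01T10:00:02 10.0.0.5 POST checklist.skype.com /drew/Zk7pL2Q.jlk 200",  # legit host, beacon URI
    "2024-01-01T10:00:03 10.0.0.7 GET checklist.skype.com /favicon.ico 200",        # legit host, benign
    "2024-01-01T10:00:04 10.0.0.8 GET 31.41.44.108 /index.html 404",                # C2 host, other path
    "2024-01-01T10:00:05 10.0.0.9 GET example.com /images/logo.png 200",            # benign
]

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_LOG):
        print(hit)
```

The URI match is deliberately host-independent: operators rotate C2 IPs far more often than they rebuild the loader with a new base_path and extension, so the path shape tends to outlive the address list on this page.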

Signatures

Files

  • 460-135-0x00000000048B0000-0x00000000048BD000-memory.dmp
    .dll windows x86

    Headers

    Sections