General
-
Target
tAF8C.svg
-
Size
339KB
-
Sample
230316-q3nw5sdd4v
-
MD5
ff02fe5d16d3abcbef7b17ee384e734f
-
SHA1
7796e4d639823bb80fe94af55abc037c8c06c35c
-
SHA256
0f5c83fb5172a5ea04a023ef355d274f7572e0d294be6f9664d1d3bd8540fdcf
-
SHA512
1bfc68a18ba0fa1f4b94891fb280c36480471b43fb6e3d1e715e378a71b3d0482dba5530577ee87e35ef90ffec21935d22383acc010f439bcc0ff6d8bfd2d087
-
SSDEEP
6144:yFkcequUUnJqlXp8qm6SUbWNGhw2/K6786TEnCAIpi9MxipEl7BuHBTpOdNPIGA3:wkXG58L6foMbGB
Static task
static1
Behavioral task
behavioral1
Sample
tAF8C.dll
Resource
win7-20230220-en
Malware Config
Extracted
gozi
5050
https://config.edge.skype.com
157.254.195.117
91.215.85.172
-
base_path
/jerry/
-
build
250255
-
exe_type
loader
-
extension
.bob
-
server_id
50