General
Target: gozi loader.bin.exe
Size: 40KB
Sample: 230319-ghfklahb71
MD5: 700d3ea5098e7b7f45fceec4df9df798
SHA1: 8796dfe929e1f9d507a4c7da048fb80eeaed94eb
SHA256: 061c271c0617e56aeb196c834fcab2d24755afa50cd95cc6a299d76be496a858
SHA512: ae66c4be081a5e2e33ab1b729fc7790fe79568063a6611eb9dcb957eb581b97260e7e2ffdd40cdbd4f127e7b8a8cb53b57f3228eb292659994060ca87861ccea
SSDEEP: 768:4gYKd2Usr2yS5PLHBjderMpEvpZi7/kMPWq9aky77XTm9:4fKdpfh5zHzeApsnI/eZDLI
Behavioral task
behavioral1
Sample: gozi loader.bin.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7709
checklist.skype.com
62.173.141.252
31.41.44.33
109.248.11.112
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50