General
-
Target
server.exe
-
Size
177KB
-
Sample
230320-j5ye2aee8w
-
MD5
88176d4cc232bd1aea81caaa0071174e
-
SHA1
2d0a1593692ec9eeb8f33f48826539fbe8492d6d
-
SHA256
6bff2ef434e07b1919cd17a3f47d1494764f3b5ac2449326ab8f0c53e1a7d3ee
-
SHA512
65eaf077a641a189e07e9a890831aedc945876acaf995158218685a62fc2b147b57026f0e1e7e6fb08f1367af79f249edcabb8ffc15212d79951e6eac937968e
-
SSDEEP
3072:85/nqdR3WDzhpezjJ8gWBziVjeBfTWSrc+:gqbaeBMOKMSrc
Static task
static1
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20230220-en
Malware Config
Extracted
gozi
Extracted
gozi
Botnet
7715
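C2
checklist.skype.com (Microsoft-owned domain; likely a decoy or connectivity-check entry rather than attacker infrastructure, so verify before using it as a blocking or alerting indicator)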
62.173.142.81
193.233.175.113
109.248.11.184
212.109.218.26
185.68.93.7
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
server.exe
-
Size
177KB
-
MD5
88176d4cc232bd1aea81caaa0071174e
-
SHA1
2d0a1593692ec9eeb8f33f48826539fbe8492d6d
-
SHA256
6bff2ef434e07b1919cd17a3f47d1494764f3b5ac2449326ab8f0c53e1a7d3ee
-
SHA512
65eaf077a641a189e07e9a890831aedc945876acaf995158218685a62fc2b147b57026f0e1e7e6fb08f1367af79f249edcabb8ffc15212d79951e6eac937968e
-
SSDEEP
3072:85/nqdR3WDzhpezjJ8gWBziVjeBfTWSrc+:gqbaeBMOKMSrc
-