General
-
Target
server.exe
-
Size
177KB
-
Sample
230320-kxwrxacf38
-
MD5
b464a776c70edbd27af4b57cda69071e
-
SHA1
ba889d743dd798bfea074c7d253adf8f14806d45
-
SHA256
d20bdec1d1c63d93bccf249fc8a64db3998f6eb5aef27029ff03cbec9e98d3b5
-
SHA512
cce35723d7529bd86016d58dd50d917533ae365e56505f105f22da72f670fd80601492637db53fa37e4596df64f828e0ef3962c8e51414b4720104c41aa0d361
-
SSDEEP
3072:zTUXgTGIAmUzEoweOIWEmSGO5k8FSXMfE7M:MgTfnowbik7MO
Static task
static1
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20230220-en
Malware Config
Extracted
gozi
7715
checklist.skype.com
62.173.142.81
193.233.175.113
109.248.11.184
212.109.218.26
185.68.93.7
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Extracted
gozi
Targets
-
-
Target
server.exe
-
Size
177KB
-
MD5
b464a776c70edbd27af4b57cda69071e
-
SHA1
ba889d743dd798bfea074c7d253adf8f14806d45
-
SHA256
d20bdec1d1c63d93bccf249fc8a64db3998f6eb5aef27029ff03cbec9e98d3b5
-
SHA512
cce35723d7529bd86016d58dd50d917533ae365e56505f105f22da72f670fd80601492637db53fa37e4596df64f828e0ef3962c8e51414b4720104c41aa0d361
-
SSDEEP
3072:zTUXgTGIAmUzEoweOIWEmSGO5k8FSXMfE7M:MgTfnowbik7MO
-