General
-
Target
server.exe
-
Size
177KB
-
Sample
230320-mb8wfseh6y
-
MD5
68d4bfeb87777e1c8766088077822341
-
SHA1
b7d12612d8ef6aa44b1bcbdea0e6979769841300
-
SHA256
308110773533c5740fd92d77094da83152f98230cd9635bc8f7dcd7dce910c75
-
SHA512
46b0249e5aad3aca132ccb94ecae032dc1fbcf2aab4119a9f9c9714c3e58d9327b4d463cd52efac7c52039616dd257c1c06aece29b6f18cc7423a11aad7e241c
-
SSDEEP
3072:MB324Mujr+zpEwSQCah3vidXxwz45BGyEG:F4vDwSxOWxwU5BG
Static task
static1
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20230220-en
Malware Config
Extracted
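Family
gozi
Botnet
7715
(The "Family", "Botnet" and "C2" labels are missing from this page's layout; they are restored here from the usual Gozi configuration fields and should be confirmed against the original report.)
C2
checklist.skype.com
62.173.142.81
193.233.175.113
109.248.11.184
212.109.218.26
185.68.93.7
(checklist.skype.com is a hostname under a legitimate Microsoft-owned domain. Its presence in the extracted list does not by itself show that host is attacker-controlled, so treat it separately from the IP addresses when building block lists or detections.)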
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Extracted
gozi
Targets
-
-
Target
server.exe
-
Size
177KB
-
MD5
68d4bfeb87777e1c8766088077822341
-
SHA1
b7d12612d8ef6aa44b1bcbdea0e6979769841300
-
SHA256
308110773533c5740fd92d77094da83152f98230cd9635bc8f7dcd7dce910c75
-
SHA512
46b0249e5aad3aca132ccb94ecae032dc1fbcf2aab4119a9f9c9714c3e58d9327b4d463cd52efac7c52039616dd257c1c06aece29b6f18cc7423a11aad7e241c
-
SSDEEP
3072:MB324Mujr+zpEwSQCah3vidXxwz45BGyEG:F4vDwSxOWxwU5BG
-