General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
230320-msrnhafa5w
-
MD5
90b6cdfe9896972ccee348859f8e173d
-
SHA1
53bce0dabc905d8aa32c9aacfdbf74bf705c8946
-
SHA256
ba1a5cd9f9c292c667a0d4d577cf66afe813b9fa838752c67ea6363e5b36c841
-
SHA512
e53758d6dc44de19a76b056cd141155920c56070e6a120eea5f8b8411a829ff37391fb8a0a411185354d828e6758fdbe87ab5f1b84520f038c4b85e8d8eaab68
-
SSDEEP
768:s0gsqVXye2rS/Q4VYXQIVpCHlNBmQWGk2j+A6ewBvu7gpzhK3D1GcQh:s9sq8S/QEYXQIVWlvmYp6ewNu7hD1GcQ
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20230220-en
Malware Config
Extracted
gozi
7715
checklist.skype.com
62.173.142.81
193.233.175.113
109.248.11.184
212.109.218.26
185.68.93.7
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Score
1/10