General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
230322-j8hhzshf6z
-
MD5
7be96204ad39ac7430454d79d59bee54
-
SHA1
3295130c563c8ba2964e056c06822c5b6b69b5c8
-
SHA256
ef55057af7fb05f07ba94cf79ffd9e12f3a77eb3f08efb24bb8aa178e912e36f
-
SHA512
e7cf40fef4aa7f9d325ee17afcfd58f767c6d1544e0ebd4e4a2257a4b735e3fa2b73cf348a170c1d5f4e9eb800c7872218c49e2ae34da4c348b23ae66287b266
-
SSDEEP
768:C0gsqVXye2rS/Q4VYXQIVpCHlNBmQWGk2j+A6ewBvu7gpzhK3D1Gc0B:C9sq8S/QEYXQIVWlvmYp6ewNu7hD1GcM
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20230221-en
Malware Config
Extracted
gozi
7715
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Score
1/10