General
Target: server.exe
Size: 359KB
Sample: 230322-kjqczafg74
MD5: 97653330273d8047448ce5199af7d83f
SHA1: 375d5849a8703165a6935074ae7925c27bdc01c6
SHA256: 4a1ceb484536bd1fe3da65c76d7ec161d06190960e1623dfc89c444fa4b4fde0
SHA512: c0be483c83e7558153fa3fcad6406f0fc71764b2af553c409a08850e253183692c2e58d7be27debf56bd99166cc80bdbbbddf50fbcc426c0cb75a2dceaa0fb32
SSDEEP: 3072:1zd4lngW/Yx4ujuaatQNb5AAQG/TuSn4G+btjGWHAoGAVQgwn0F:GvYLsC1MSv8xHGP
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7715
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50