General
-
Target
server.exe
-
Size
360KB
-
Sample
230322-kpqkxshg7t
-
MD5
b1c298b78d5b5171178929f85748d1dd
-
SHA1
624ca4497e5ed1c622d9b077e1c99316f42f3d21
-
SHA256
0c34693df38fb1cfe4eb93a2e52f6d41444ad40d852224be14243dabe745ed4c
-
SHA512
ceb80554dae0bcdd2aa6422ba602ec7292cf1f3be49c62f7d00603a7dcf40e017881305fb8354e66725c4e96d387a52b08545b100a8a6a4af2c3bc8a05767b15
-
SSDEEP
3072:h/cWlzoO/HiajuamcLRXhAfBze/mc8yNPFAsWdlS1t7taCAgwn0F:lnHXhlYVeh8SEjM4/
Static task
static1
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20230220-en
Malware Config
Extracted
gozi
7715
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50