General
-
Target
2560-135-0x00000000006B0000-0x00000000006BD000-memory.dmp
-
Size
52KB
-
Sample
230322-kpqwpafh33
-
MD5
19f6ae3c65b60dcfc9c6bb4dcdfd7df1
-
SHA1
7c773c455a1b8c493748fc080dddf845ad244618
-
SHA256
52de820bdf87558e54aa7f4490be1782959dcc89a30f551c1bcc7d9738740e39
-
SHA512
55b5f2198268442fc08bd428b57998e09e45a0ea5ad0c7e9e4604ba9c6527c1d2d5c4f75482ff7e8141aabe44e1e257111abe9480256715cc1d62243dcdd2d15
-
SSDEEP
768:wHcnq3+4xmsEF/I4/cAGHcqT8+3ypw7UPbXdiBdMhhK3D1Gc0B:w8nqO7F/IecVrTEpPbXwBdMeD1GcM
Behavioral task
behavioral1
Sample
2560-135-0x00000000006B0000-0x00000000006BD000-memory.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
2560-135-0x00000000006B0000-0x00000000006BD000-memory.dll
Resource
win10v2004-20230220-en
Malware Config
Extracted
gozi
7715
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
2560-135-0x00000000006B0000-0x00000000006BD000-memory.dmp
Score
3/10