General
-
Target
1636-56-0x0000000000400000-0x00000000004DB000-memory.dmp
-
Size
876KB
-
Sample
230322-m4yk7aad2v
-
MD5
6f5f11bcdda2728c39dd34c417496920
-
SHA1
b10961f87a57f3b5e49f64f61225fce566529769
-
SHA256
7605d15924cab786445906480acef39d27c2cec5529aac50ff3667692d746bcc
-
SHA512
e76f6c23fc79508dc376800fd7d8d4af89145ea21582f6922312d7bd9cc4d197bcd0e0f450a5022457d1a1bbcd8e651ef77da995b23837d5899f348ba62f1f81
-
SSDEEP
3072:VfKcVNoVUE3HnP5grnmTvA0F9q9aM+j/sVDIMpXBWiZiOJxgwn0F:RKcVOVUuvimvF9/bj/sJIEBWiZx
Behavioral task
behavioral1
Sample
1636-56-0x0000000000400000-0x00000000004DB000-memory.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
1636-56-0x0000000000400000-0x00000000004DB000-memory.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
gozi
7715
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
Target
1636-56-0x0000000000400000-0x00000000004DB000-memory.dmp
-
Score
3/10