General
Target: server.exe
Size: 360KB
Sample: 230322-nwqfaage82
MD5: 78b4ac76b3261a6ac4a94a868e39ac25
SHA1: 0ea51d3d2032630bf53252657f0ff856ff0ee690
SHA256: 97fcb2199876005f3e4db6aa7280b15cd59dfe0b99c1fc0e722adb31f0d2e6b4
SHA512: b490d945fbc96d08c33bfb020bfcedf542e90ec9018fa588303e0743e92a1e5a0d1d095a2b2394cdd754709f71396a828339f8ab78d830a2865e920d3756180a
SSDEEP: 3072:jyjrlS0bY/04BjuajiKAOSAjhKmj03oXGjyaFgE92ZP+4Ysd8BAmgwn0JV:nV0am9efOyad9L4Y3R
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7715
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50