General
Target: server.exe
Size: 359KB
Sample: 230322-pxbtysgg82
MD5: 72d3165bec2032972336aa6e3fa5fbfb
SHA1: 76005704232b27e2dbdd14df990b204e90e0cf81
SHA256: 541a131186c7861caf0517567d8c6208f2f95712b637a488ac6fbbfe7756efdc
SHA512: 3c1e53806895eaec53737822042f3189c9b8ac60d9dc685e1051a343f3c457969ac59801cb7ad5acc5ef57def6c67637e888cc091a84ed1aa8204e0f2011e521
SSDEEP: 3072:i+VtlxQDPB9j4Y9pHYl/hH9F2xC0JY7UY0mHIy6LKFWVNcGcJJaJJ:hKJ9xEX2xaWmYLKMN+JJ
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
Extracted
gozi
7715
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50