General
Target: Organizzazione783.zip
Size: 521B
Sample: 230322-qb3wzsag9w
MD5: e14ce4c0a68cfec0a9fafd24508a0319
SHA1: f4a70cd3afe7574ec5277a708ecbc8d1d86ad7bf
SHA256: 599955669f11878d82c9a589193a8a849dd8ac6e8a5e3d6c7ef8147ae0538868
SHA512: e4b9d7d6d1a6725cbf1d55b744cedc4a6a9a3a1ac6156e54ed2157d36dedb2c6be0d4cf6936512db1ff2ef3eacadefae97a9db647de0a0bbef85377dab7e510c
Static task: static1
Behavioral task: behavioral1
Sample: Organizzazione/Organizzazione.url
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7715
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50
Extracted
gozi
Targets
Target: Organizzazione/Organizzazione.url
Size: 194B
MD5: 7223cc1975393443d4d161492d0f932e
SHA1: 2fc8c648559e862b3191088450781b5d33debd5f
SHA256: ec178c6a29aa42213ac7287e45d8378632e145ef650dd5734f247129bd364dbb
SHA512: 5c5eec290b156c760c44dd9b7162a5cf9e3f2f4e1f9ef494dcbf5ef2f12fd51801b1170b36f39ab2342467f7701bfe4bd292b7cd5418c4b87717e7abfc31ef5a
Checks computer location settings
Looks up country code configured in the registry, likely geofence.