General
Target: Agenzia736.zip
Size: 476B
Sample: 230324-j55jcafc2s
MD5: b25fa0c7c28bb4eabcfc4710cbceb3fd
SHA1: b3284da7215ab5048bdff9286a7d37f6545cb20b
SHA256: 9d6b413748da3fbfbf2b3b4f980673770f474c1ab1865c00272424455f47a362
SHA512: 428e9b7019df1237593789c31af516ab5116c49fe1149e9e9fedcc84b1fb59d968dad504f677c0ca523c98bb057b78e9fd80026f1ea94ffaeb8c57370b3c570e
Static task: static1
Behavioral task: behavioral1
Sample: Agenzia/Agenzia.url
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7716
checklist.skype.com
193.233.175.115
185.68.93.20
62.173.140.250
46.8.210.133
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: Agenzia/Agenzia.url
Size: 189B
MD5: 0c3f7c2aa0311bf8c761b9b4e8b33d45
SHA1: 4eaa085327b0cd857d43aacffdbc7963a67523d2
SHA256: 025f536aab4e91765785e1d0897b55674f217b871e2afe0dba10ad1c5a9f1417
SHA512: 710eeb07fbab0b978064220d3ed36bd7de04987f7e3f9a75a1920dd793847606a205d9205b4745edb59e65e3433ef84e7e98c8213017d24e2379533ffd0962b2
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-