General

  • Target

    4084-135-0x0000000002D60000-0x0000000002D6D000-memory.dmp

  • Size

    52KB

  • MD5

    fa7ade081a23b29537031af40748701a

  • SHA1

    7e4caf0f0c2de6e68337c2c9fcdd4bf953728f28

  • SHA256

    4df66e31fdee4e86d4817a209d5d434f8c72dc344129f5a6b827087af1e0be1c

  • SHA512

    f3d23ba2999c2f0602f91b91ce58348e647cbc29f8757a0129fb34f85a921a69b1fa83e0d0fea05cf4cbde0b6d5413f031b45024992fcc80a74ae39e068ee883

  • SSDEEP

    768:qoQEq1vTGPuGbu/I4et5WHbpO8cqU6XmgKyMxYdMRhK3D1Gc0d:qZEq0lu/ITtCdOI9KyMKdMuD1Gc0d

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

7716

C2

checklist.skype.com

193.233.175.115

185.68.93.20

62.173.140.250

46.8.210.133

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

  • rsa_pubkey.plain

  • aes.plain
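The config above is only useful once it becomes a check you can run against traffic. The Python below is an added example, not part of the sandbox report or of any Gozi tooling: it takes the C2 list, base_path and extension from the extracted config and scans proxy log lines for beacons. It assumes a simple space-separated proxy log layout (timestamp, client, method, URL, status) and a heuristic that the loader's request URI is base_path followed by encoded data and the configured extension; both are assumptions made for the example, and the sample log lines are constructed. It also treats checklist.skype.com, a legitimate Microsoft domain that appears in the C2 list, as a host you would not alert on from a bare host match alone, without deciding why it is in the config.

```python
import re
from urllib.parse import urlsplit

# Values copied from the Gozi config extracted above (botnet 7716, build 250255).
GOZI_7716 = {
    "c2": {
        "checklist.skype.com",
        "193.233.175.115",
        "185.68.93.20",
        "62.173.140.250",
        "46.8.210.133",
    },
    "base_path": "/drew/",
    "extension": ".jlk",
}

# Assumption (a heuristic for this example, not a fact stated in the report): the
# loader's beacon URI is base_path + encoded data + extension, so a URI of that shape
# on a listed host is the high-confidence signal and a bare host hit the weaker one.
def uri_regex(cfg):
    return re.compile(
        r"\A" + re.escape(cfg["base_path"])
        + r"[A-Za-z0-9_\-/%=]+"
        + re.escape(cfg["extension"]) + r"\Z"
    )

# Legitimate, high-traffic hosts from the C2 list are only alerted on together with
# the URI shape; a bare host match would just flag ordinary Skype traffic.
REQUIRE_URI_SHAPE = {"checklist.skype.com"}

# Assumed proxy log layout: "<timestamp> <client> <METHOD> <url> <status>".
LOG_RE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\S+) (?P<method>[A-Z]+) (?P<url>\S+) (?P<status>\d{3})$"
)

def classify(url, cfg, uri_re):
    """Return a verdict string for one URL, or None if it does not match the config."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    if host not in cfg["c2"]:
        return None
    if uri_re.match(parts.path):
        return "gozi_c2_beacon"
    if host in REQUIRE_URI_SHAPE:
        return None
    return "gozi_c2_host"

def scan_proxy_log(lines, cfg=GOZI_7716):
    """Scan iterable log lines; return a list of hits with timestamp, client, URL, verdict."""
    uri_re = uri_regex(cfg)
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the assumed layout instead of aborting
        verdict = classify(m["url"], cfg, uri_re)
        if verdict:
            hits.append({"ts": m["ts"], "src": m["src"], "url": m["url"], "verdict": verdict})
    return hits

# Constructed sample lines (not from the report): a beacon to a listed IP, an ordinary
# request to the Microsoft domain, a host-only hit, and an unrelated request.
SAMPLE_LOG = [
    "2024-05-01T09:12:03Z 10.0.0.5 GET http://193.233.175.115/drew/Ab12/cD_3e.jlk 200",
    "2024-05-01T09:12:09Z 10.0.0.5 GET https://checklist.skype.com/v1/status 200",
    "2024-05-01T09:13:41Z 10.0.0.7 POST http://46.8.210.133/index.php 404",
    "2024-05-01T09:14:00Z 10.0.0.9 GET https://example.com/drew/zz.jlk 200",
]

if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_LOG):
        print(hit["verdict"], hit["src"], hit["url"])
```

Run against the constructed lines, the scan reports the first line as a beacon (listed host plus the /drew/...jlk shape) and the third as a host-only hit, while the Skype request and the unrelated host produce nothing; the path-shape check alone is not enough, which is why the unlisted example.com line is ignored even though its URI fits the pattern.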

Signatures

Files

  • 4084-135-0x0000000002D60000-0x0000000002D6D000-memory.dmp
    .dll windows x86
