General
-
Target
server.exe
-
Size
246KB
-
Sample
230324-pewfmseb98
-
MD5
62c6ed30422b5876110ee6ab6660223e
-
SHA1
60e1a1c26d35c9d90fb163364e3a4deec1d4016a
-
SHA256
fbb595a285f1126d4bfe09240e40b1a8a66ac5024f90b5e64860bb872e05a248
-
SHA512
a5d124845b49428c7ffca0b81c063b81acdc84ef8d67511e9cb68489cd3baf1b3dd8420aff3b5972c4702da8fcad90c5fc3b7483bed1c03f9223475fc9760ec1
-
SSDEEP
3072:VRESzcarU/edI7cTsSsuDwTHDXbtMJzWVCkeoQ0LTZ2eB25UWNObVr:eRNILMbJeW92eBoUj
Static task
static1
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20230220-en
Malware Config
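Extracted
-
Family
gozi
-
Botnet
7716
-
C2
checklist.skype.com (legitimate Microsoft-owned hostname; likely a decoy or connectivity-check entry rather than attacker infrastructure, so do not block or alert on it alone)
193.233.175.115
185.68.93.20
62.173.140.250
46.8.210.133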
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Extracted
gozi
Targets
-
-
Target
server.exe
-
Size
246KB
-
MD5
62c6ed30422b5876110ee6ab6660223e
-
SHA1
60e1a1c26d35c9d90fb163364e3a4deec1d4016a
-
SHA256
fbb595a285f1126d4bfe09240e40b1a8a66ac5024f90b5e64860bb872e05a248
-
SHA512
a5d124845b49428c7ffca0b81c063b81acdc84ef8d67511e9cb68489cd3baf1b3dd8420aff3b5972c4702da8fcad90c5fc3b7483bed1c03f9223475fc9760ec1
-
SSDEEP
3072:VRESzcarU/edI7cTsSsuDwTHDXbtMJzWVCkeoQ0LTZ2eB25UWNObVr:eRNILMbJeW92eBoUj
-