General
Target: server.exe
Size: 247KB
Sample: 230325-hqxphsdg4x
MD5: 38e907ce3156548d3013376942fb2d9d
SHA1: a24a44b759cec265ee5d6017060af71306f6eb2d
SHA256: d71eb90b2eafb9a5a0cb8a9294f35c9cb51bb903dc7495a6566e83449503d6b0
SHA512: eb8b616c8f58ed6fa67b9292f7e3cd122c0d20cf82fadceec1ed1bbe086342bbe710aff3ec44b8a19d472a8a3adc7dd5893b85c3ea3264085034cafd428ac767
SSDEEP: 3072:kjCqzGkD8XGdWhkTEUmXDwuGKa/irjinTI2ApT84b4HWNObVr:1fXepEn3ATI20T84MHj
Static task: static1
Behavioral task: behavioral1
Sample: server.exe
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7716
checklist.skype.com
193.233.175.115
185.68.93.20
62.173.140.250
46.8.210.133
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50