General
-
Target
server.exe
-
Size
248KB
-
Sample
230325-hxmswsdg6x
-
MD5
47a28863984e5acee7a4aadba0798b81
-
SHA1
4b49af83cb30cce8ca6d270b8104c0cbb9ea7d1a
-
SHA256
120bb72f63c759f9639de69b6c69ef7044ba8aad6de42d828ad41ce5c9c2c2e9
-
SHA512
d5d99a652f91bb09042757bd82536111cb9679772028519373455b5b02a3b2bc298032093ab121afc31dbf9a8dd3d5ebeb40fc0edaf317b3060c12327ca71195
-
SSDEEP
3072:4jKaOORqiFXz3KcIix5QeiD/XabN9hrbOo52p2pkyr8tYa4PVorWN8aeDr:QzOpum5aCS9hrbOjspffV2va
Static task
static1
Behavioral task
behavioral1
Sample
server.exe
Resource
win7-20230220-en
Malware Config
Extracted
gozi
Extracted
gozi
7716
checklist.skype.com
193.233.175.115
185.68.93.20
62.173.140.250
46.8.210.133
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
server.exe
-
Size
248KB
-
MD5
47a28863984e5acee7a4aadba0798b81
-
SHA1
4b49af83cb30cce8ca6d270b8104c0cbb9ea7d1a
-
SHA256
120bb72f63c759f9639de69b6c69ef7044ba8aad6de42d828ad41ce5c9c2c2e9
-
SHA512
d5d99a652f91bb09042757bd82536111cb9679772028519373455b5b02a3b2bc298032093ab121afc31dbf9a8dd3d5ebeb40fc0edaf317b3060c12327ca71195
-
SSDEEP
3072:4jKaOORqiFXz3KcIix5QeiD/XabN9hrbOo52p2pkyr8tYa4PVorWN8aeDr:QzOpum5aCS9hrbOjspffV2va
-