General
Target: Organizzazione571.zip
Size: 517B
Sample: 230326-mch2esgb75
MD5: a03e51781fbf641b6bce7863f7990f90
SHA1: 6160e801d60495880636741d643927c4631de8a0
SHA256: 5e13daad538571332b6944ab418c0004cdb0cf8aaf7e368270d29dc8d93dcddd
SHA512: 87b9ba097759d3e8e41766f69207276e8503128644c4828d6b4e62053b57e07e158846bb5e7930aa304edeacca3afe1782ab7ff5200482400fc92ea895eb9ef5
Static task: static1
Behavioral task: behavioral1
Sample: Organizzazione/Organizzazione.url
Resource: win7-20230220-en
Malware Config
Extracted
gozi
7716
checklist.skype.com
193.233.175.115
185.68.93.20
62.173.140.250
46.8.210.133
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50
Extracted
gozi
Targets
Target: Organizzazione/Organizzazione.url
Size: 189B
MD5: 4571c088033c1b952cc7a47d6d912ccf
SHA1: 5ea33a903ab401f3df83458270249486f10b5788
SHA256: 5fff289b5afb58911385428f650b19eae8085e8261d283258500360b1747e0a8
SHA512: 5682b850056cb1e864ca9a123a52fd5f54b01fe809b9a7fc3abcf71a7cf09a7fab9c08907cca9a502cd28034e3306c6161310efb118b5ac47ca170d19236da64
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.