General
Target: 6424024a060bf.tiff.dll
Size: 613KB
Sample: 230329-k96smsff67
MD5: ae85c25efdd62bed6e2c3ed12a22a217
SHA1: 07ce0da778545abed3755151950c068299decfa7
SHA256: 325f7b8b082c01f0b950f001c0bef4d0fc3bb5cef1a8a74bc9dc60be3bdc32e7
SHA512: 609c667c364285856e265a1cab629b482f9dd0ad91c1a0cfd39e29dbda2158228f21fbc7c33bc9fcd10268b75fd858aed31b6d9ecbcee48ba19f240c56644920
SSDEEP: 12288:T0UQoMETWK5TpM7vBzCpgbiH4tDjwRQm3WG5Tms:ZQoMETWK5Te79CpgbiH4xjwRBW5s
Static task: static1
Behavioral task: behavioral1
Sample: 6424024a060bf.tiff.dll
Resource: win7-20230220-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
https://config.edge.skype.com
91.215.85.186
base_path: /jerry/
build: 250255
exe_type: loader
extension: .bob
server_id: 50