General
-
Target
decode_5d598e3afe8736c96f6d2cc0a6509b12e9fc15d45afc070e7e9d5bd68946335e.exe
-
Size
36KB
-
Sample
230329-te21msgh83
-
MD5
1f6822f8aab6189e0f9db8d6f820d9af
-
SHA1
ffdbf44ae5db43c5210c5ef00b2b2d8192053dae
-
SHA256
f84e0c6d7877be866064dd176f832737ae9cd04901913185c8e525efdcb9ee2e
-
SHA512
10d878887fc7780b308469329d976eb6e6d033decad57bb23fd2fff8437e41ab7005d6e537b6b61526f1a99b743d5545ca3c6b22b0f28490eaf7c7c5340b08b3
-
SSDEEP
768:gKbMPv5JLi5yOyV34OB9bl5n+iRjn9P1avZa9Bmr1h097mI5:g4MHLLi5pyt5+0zavZangX097m
Behavioral task
behavioral1
Sample
decode_5d598e3afe8736c96f6d2cc0a6509b12e9fc15d45afc070e7e9d5bd68946335e.exe
Resource
win7-20230220-en
Malware Config
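Extracted
Family
gozi
Extracted
Family
gozi
Botnet
1900
C2
tel12.msn.com
194.76.225.60
185.212.47.133
Note: the Family, Botnet and C2 labels are missing from this extract and are inferred from the field order, so confirm them against the original report. tel12.msn.com is a subdomain of Microsoft's msn.com; it appears here only because it is in the sample's extracted configuration, so corroborate it with other telemetry before using it on its own as a block or detection indicator.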
-
base_path
/doorway/
-
build
250249
-
exe_type
loader
-
extension
.drr
-
server_id
50
Targets
-
-
Target
decode_5d598e3afe8736c96f6d2cc0a6509b12e9fc15d45afc070e7e9d5bd68946335e.exe
-
Size
36KB
-
MD5
1f6822f8aab6189e0f9db8d6f820d9af
-
SHA1
ffdbf44ae5db43c5210c5ef00b2b2d8192053dae
-
SHA256
f84e0c6d7877be866064dd176f832737ae9cd04901913185c8e525efdcb9ee2e
-
SHA512
10d878887fc7780b308469329d976eb6e6d033decad57bb23fd2fff8437e41ab7005d6e537b6b61526f1a99b743d5545ca3c6b22b0f28490eaf7c7c5340b08b3
-
SSDEEP
768:gKbMPv5JLi5yOyV34OB9bl5n+iRjn9P1avZa9Bmr1h097mI5:g4MHLLi5pyt5+0zavZangX097m
-