General
-
Target
49c54e18e22e5c82d591ff5345a4c660f2c80e14fcbe4c3a7d1df43654e40e86.dll
-
Size
511KB
-
Sample
230612-swkl9adc9w
-
MD5
dbe0888d7edb236b38d0dcfd33dd0a06
-
SHA1
f53a59741ddc982af5b77bd77ab99f74e9b33948
-
SHA256
49c54e18e22e5c82d591ff5345a4c660f2c80e14fcbe4c3a7d1df43654e40e86
-
SHA512
b893e59fb0cf5db3ae076798849e467b239c7be30917cff40b5df6d5f9feadb50e90ba728ea9955f628c27e519c407f5b7c4b12eba002064387846e7662e2473
-
SSDEEP
6144:yTZBx+7jsPTl/N80J849j3si2Hw2Kfl0OA5P1rh/YwOnhu58jT7FWQ+ICBFQ5jyy:YZP+7jsZS0r59Qw3RxjkeP
Static task
static1
Behavioral task
behavioral1
Sample
49c54e18e22e5c82d591ff5345a4c660f2c80e14fcbe4c3a7d1df43654e40e86.dll
Resource
win7-20230220-en
Malware Config
Extracted
gozi
Extracted
gozi
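Botnet (field label presumably lost in extraction)
3000
C2 (field label presumably lost in extraction)
config.edge.skype.com (legitimate Microsoft hostname; likely a decoy or connectivity-check entry rather than attacker infrastructure, so not an indicator on its own)
89.41.26.99
89.45.4.102
interstarts.top
superlist.top
internetcoca.in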
-
base_path
/drew/
-
build
250246
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
49c54e18e22e5c82d591ff5345a4c660f2c80e14fcbe4c3a7d1df43654e40e86.dll
-
Size
511KB
-
MD5
dbe0888d7edb236b38d0dcfd33dd0a06
-
SHA1
f53a59741ddc982af5b77bd77ab99f74e9b33948
-
SHA256
49c54e18e22e5c82d591ff5345a4c660f2c80e14fcbe4c3a7d1df43654e40e86
-
SHA512
b893e59fb0cf5db3ae076798849e467b239c7be30917cff40b5df6d5f9feadb50e90ba728ea9955f628c27e519c407f5b7c4b12eba002064387846e7662e2473
-
SSDEEP
6144:yTZBx+7jsPTl/N80J849j3si2Hw2Kfl0OA5P1rh/YwOnhu58jT7FWQ+ICBFQ5jyy:YZP+7jsZS0r59Qw3RxjkeP
-