General
Target: 11606333877.zip
Size: 318KB
Sample: 230829-x7trhsac7t
MD5: a3044047bcd338a7e16a05b0900c2826
SHA1: 2609bcd0912809d1dfa43066b6bcde08fcf1d7ab
SHA256: c37b38c013fe3e845e9bee5697e21d5cc3a43d156d31a09dd9e6e537a7de1cf4
SHA512: dc7c05ffd3b3c50fb0901804742ac39c4ff76e93a74659df8f40a7ffa148cb0e72df6d029cf4759e44ab70501ad31eb195f0c736155133981112ba0f096006c8
SSDEEP: 6144:khRBgaEH58WX6PPtV3yd9cu5xGLXteCbiUqKFw+YrR0JpCYfvS0/:kh9Y51X6PPb/GGrteCbi9KPYrbY3S0/
Static task: static1
Behavioral task: behavioral1
Sample: d3d24cfc0f5d15b4f6160e539f45a7786fce3be249d56811e9b7f0368967e396.dll
Resource: win7-20230712-en
Malware Config
Extracted
gozi
Extracted
gozi
3000
config.edge.skype.com
superstarts.top
superlist.top
internetcoca.in
193.106.191.163
base_path: /drew/
build: 250240
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: d3d24cfc0f5d15b4f6160e539f45a7786fce3be249d56811e9b7f0368967e396
Size: 602KB
MD5: f5229d20ad515e77c585134fcdfd8ca1
SHA1: b6741980071eeadd5a998d75ae890a1527153918
SHA256: d3d24cfc0f5d15b4f6160e539f45a7786fce3be249d56811e9b7f0368967e396
SHA512: 6a54765346de383c6b4927cacdcf74d3d22a49ed9f7dc83c4c58d8c655827ab2866bea9f47ae16377a970e5d70c641d26effe877f381ee4662b65f47f246bc63
SSDEEP: 12288:/RI34sEF5wcH9seTP1GQn1WHhu67jd23ctEjBx/2g99:/RWu/wcH9seTdJn6VQcSj//199