General
Target: Servizi193.zip
Size: 334B
Sample: 230928-qjdxtsbe4s
MD5: 419f2d5550357bb8943675f556c3c1bf
SHA1: ce1f8c8ac7bba90072f169cc285d1c4c556ae422
SHA256: 16c676aab1d91c2252b09d1618aa9948132cd28f4aebbe7451718565cb1a7d2f
SHA512: aa606265840a808a14d26cf41cf435471dc5cc91e903af1c42eb43336cdfeb0b41f61b040b0213bd33773701f4cf390cc131feb2587cee138362f1cc80863504
Static task
static1
Behavioral task
behavioral1
Sample
Servizi.url
Resource
win7-20230831-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
netsecurez.com
whofoxy.com
mimemoa.com
ntcgo.com
-
base_path: /jerry/
build: 250260
exe_type: loader
extension: .bob
server_id: 50
Targets
Target: Servizi.url
Size: 193B
MD5: 8700ae84ce3630a8321b710be0ee3316
SHA1: dcdef6d4bfb7b239bd351e1fee2785cdfc2fb8dd
SHA256: 7581bddb9275a5cf702ff7376a3ec41e2c51c745a08be4bd874f5e831859cb38
SHA512: e93025559ccb84bf1fddb775165e64bacd3b6dd7551451769fcbeef1e45007cc6c86aa0e63c6d551819031fc6a48ed096db114e8b6e128fd6b2bc3837f1e9e71
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-