General
-
Target
client.exe
-
Size
195KB
-
Sample
231003-mg376abg25
-
MD5
d8fb6e2fc8efc75796dd2d9afb40fca3
-
SHA1
0fe99824a62ded8d8c28b3af6673411eebaeed9f
-
SHA256
6a33b9576d33c195a7b09f9416e5360098f5064ff9ead9a476598cffe1fc1c09
-
SHA512
81409498e7a70ce232c317c7c145dc5c683cfd5682047f780c69f5a179b3f41d9515d163e52a1681f21694b2f514f0181571595999b7ef5bceac47e082dff341
-
SSDEEP
3072:SHl8sl3SL91KRqK0Sz3yTBKw0z88wMsRZAwfzYs5Hb7T3aW/ZulhCEX8zp:288M91IqwumUOwfzYsBZc1X8zp
Static task
static1
Behavioral task
behavioral1
Sample
client.exe
Resource
win7-20230831-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
46.8.210.250
31.41.44.9
185.247.184.139
62.72.33.155
-
base_path
/jerry/
-
build
250260
-
exe_type
loader
-
extension
.bob
-
server_id
50
Targets
-
-
Target
client.exe
-
Size
195KB
-
MD5
d8fb6e2fc8efc75796dd2d9afb40fca3
-
SHA1
0fe99824a62ded8d8c28b3af6673411eebaeed9f
-
SHA256
6a33b9576d33c195a7b09f9416e5360098f5064ff9ead9a476598cffe1fc1c09
-
SHA512
81409498e7a70ce232c317c7c145dc5c683cfd5682047f780c69f5a179b3f41d9515d163e52a1681f21694b2f514f0181571595999b7ef5bceac47e082dff341
-
SSDEEP
3072:SHl8sl3SL91KRqK0Sz3yTBKw0z88wMsRZAwfzYs5Hb7T3aW/ZulhCEX8zp:288M91IqwumUOwfzYsBZc1X8zp
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-