General
-
Target
client.exe
-
Size
360KB
-
Sample
231009-pvlw5sch7s
-
MD5
b1f338b2dc731820952a1b879fcb1b00
-
SHA1
d33b4542f8cb7c318111cf8cff285305bdb85833
-
SHA256
12f1fa49ce2f2fd19db6147e547a35625c260b2fec2ecf67de89c837990c5d94
-
SHA512
3d7f0ddc847b8d3a7867835c1e88b1f6a2142bf83d094df29f676aad195ed1e18b48fb5d97cb456602fb81f2ff9c6114f0f87dc3c2acd3bd9f12e3bade551999
-
SSDEEP
6144:PtZXGw8WTOhrcl8678wdIvPuNkD+7uzXx9QZo9PW4wMdcCfLm:qw8XcV78wZ7uzXbf+0dcwm
Static task
static1
Behavioral task
behavioral1
Sample
client.exe
Resource
win7-20230831-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
http://iextrawebty.com
-
base_path
/jerry/
-
build
250260
-
exe_type
loader
-
extension
.bob
-
server_id
50
Targets
-
-
Target
client.exe
-
Size
360KB
-
MD5
b1f338b2dc731820952a1b879fcb1b00
-
SHA1
d33b4542f8cb7c318111cf8cff285305bdb85833
-
SHA256
12f1fa49ce2f2fd19db6147e547a35625c260b2fec2ecf67de89c837990c5d94
-
SHA512
3d7f0ddc847b8d3a7867835c1e88b1f6a2142bf83d094df29f676aad195ed1e18b48fb5d97cb456602fb81f2ff9c6114f0f87dc3c2acd3bd9f12e3bade551999
-
SSDEEP
6144:PtZXGw8WTOhrcl8678wdIvPuNkD+7uzXx9QZo9PW4wMdcCfLm:qw8XcV78wZ7uzXbf+0dcwm
-
Dave packer
Detects executable using a packer named 'Dave' by the community, based on a string at the end.
-