General
Target: 193220x00000000004000000x0000000000486000memory_JC.dmp
Size: 536KB
Sample: 231012-sx8epsgf7x
MD5: e26af6cca9dc833bf82f8d7f11dc2932
SHA1: b26ba0b306524fc00f867edd2b09aa9aad745659
SHA256: ce74055a03c4f995c25e831a7c74e30adaf61607e5361357167f520a97a9e6de
SHA512: 17c56d00ab317cc528a6ead9625c4ae2a903077545c810c41d981d1400115adfa40198ce805e1c31f8793c798998ea79dee1810fd96d6e218384755d9ccc7ea0
SSDEEP: 3072:TrPI5jSu1UgDgfA4D3j+6XrgGHT4SW4NsnGC4EN/kMBsupYX9c5omTSTtyl:zu1UgDGJrj+6JHT4+WlkgQLmTSTk
Behavioral task: behavioral1
Sample: 193220x00000000004000000x0000000000486000memory_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: 193220x00000000004000000x0000000000486000memory_JC.exe
Resource: win10v2004-20230915-en
Malware Config
Extracted
gozi
5050
https://avas1ta.com/in/login/
192.121.22.216
http://mimemoa.com
base_path: /jerry/
build: 250260
exe_type: loader
extension: .bob
server_id: 50
Targets
Target: 193220x00000000004000000x0000000000486000memory_JC.dmp
Score: 3/10