General
Target: 1232d3aed4a46219093ac9ed94e27be3bfc5c99e17b0b9c6dcc0734022e35385.zip
Size: 1.2MB
Sample: 231106-vpdapsec32
MD5: 8b750eaf94997b8b011124c748088513
SHA1: c4db5fdc06f191dda8210c3931747793a472d9ad
SHA256: 5d1ec1e5aa5f500b2e934784e8480de339379344831caa1868eb2b2711795b3f
SHA512: ee9fd650719421e43b34c01098d566af61e5224ebef50611874815310ffbbc558e2f59ede7e97790d10747a96ded1d498f86f07f3442eb9e7d85706babe27008
SSDEEP: 24576:J2HwPQRh8eXgqB5KvD+M/JGVXNDwp7OrnTOhPzOGwdVhS3vjjalD:0QoRhpV4/+9DVb1y3q
Static task: static1
Behavioral task: behavioral1
Sample: 1232d3aed4a46219093ac9ed94e27be3bfc5c99e17b0b9c6dcc0734022e35385.dll
Resource: win7-20231023-en
Malware Config
Extracted
gozi
20000
base_path: /zerotohero/
build: 250260
exe_type: loader
extension: .asi
server_id: 50
Targets
Target: 1232d3aed4a46219093ac9ed94e27be3bfc5c99e17b0b9c6dcc0734022e35385
Size: 1.6MB
MD5: 2cb25a10859731a53cebe3728b4b4ece
SHA1: 4d97ea24cecbb44ea02f74c03eba59041f3c3d72
SHA256: 1232d3aed4a46219093ac9ed94e27be3bfc5c99e17b0b9c6dcc0734022e35385
SHA512: 0d1f60bfd3e2a1b28ef870d7f7750098fd5f6d6d59ca2a85606539bf4bc452f8a334489f68bf4cb4f14b0a2820a2e8cc99af03055b13013adb59c15c9f16edb8
SSDEEP: 24576:cgRZFqJ+qF6MxIIyrf3JQ7RK9q0K7h7rMoOvG4LeAypSfjgsk/ArX:ZRZi37oYNMoYG+1u
Blocklisted process makes network request