General
Target: 0d68d238d713f63ff02be916ae633466
Size: 543KB
Sample: 231224-x54tpsbccm
MD5: 0d68d238d713f63ff02be916ae633466
SHA1: 46958a4143c337f8406b0c785d434c8892e902e8
SHA256: 9c4088dfc53bb7b6d9887d200801a926b73c09458910460a2d6f4e2d67f13e6e
SHA512: 502daafc9ba908cf8b682e2496be0785c7ccf035e8876df2b31b97dd43a5f79e50505afa63cd60be1df89003ae774d071777433cfc2b14359e581175b290ef33
SSDEEP: 12288:KaM55j1f/QOwOSnV8Eh3doxeNZNN2lFzx3ycxXs4:Ka6z3E4INX03ycxc4
Static task: static1
Behavioral task: behavioral1
Sample: 0d68d238d713f63ff02be916ae633466.dll
Resource: win7-20231215-en
Malware Config
Extracted
gozi
8877
outlook.com
zaluoa.live
daskdjknefjkewfnkjwe.net
base_path: /jkloop/
build: 250207
dga_season: 10
exe_type: loader
extension: .kre
server_id: 12
Targets
Blocklisted process makes network request