General
-
Target
1760-56-0x0000000000400000-0x0000000002BBF000-memory.dmp
-
Size
39.7MB
-
Sample
240302-m7k49scf5z
-
MD5
c52236ccc990a7653e5987fb40fb78dc
-
SHA1
2303ba8e474095b0a839d63302b2f16868ade166
-
SHA256
f21ee417c6eac827128dc8ca447825c4089daad752882886362d4250be2a82f8
-
SHA512
6bb6c6d5c11c51bdacd2f10d8d025ea8c37da7f4fa99826138b1bfe00ba36dbbc74f27ec9e23a1a917f8b398ec8eed7c2b7b1ae7fab5273895a4cd5bd10b420d
-
SSDEEP
3072:nfKJnKUZekHml9jSCwSsZaznV7dSYXnGqyQxkQA03GWvmb6MRi/4OJdLdKY9e5fT:fKJKH7l9MSsZMTX7yuA03LEDu
Behavioral task
behavioral1
Sample
1760-56-0x0000000000400000-0x0000000002BBF000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1760-56-0x0000000000400000-0x0000000002BBF000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Extracted
gozi
7710
checklist.skype.com
62.173.140.103
31.41.44.63
46.8.19.239
185.77.96.40
46.8.19.116
31.41.44.48
62.173.139.11
62.173.138.251
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1760-56-0x0000000000400000-0x0000000002BBF000-memory.dmp
-
Size
39.7MB
-
MD5
c52236ccc990a7653e5987fb40fb78dc
-
SHA1
2303ba8e474095b0a839d63302b2f16868ade166
-
SHA256
f21ee417c6eac827128dc8ca447825c4089daad752882886362d4250be2a82f8
-
SHA512
6bb6c6d5c11c51bdacd2f10d8d025ea8c37da7f4fa99826138b1bfe00ba36dbbc74f27ec9e23a1a917f8b398ec8eed7c2b7b1ae7fab5273895a4cd5bd10b420d
-
SSDEEP
3072:nfKJnKUZekHml9jSCwSsZaznV7dSYXnGqyQxkQA03GWvmb6MRi/4OJdLdKY9e5fT:fKJKH7l9MSsZMTX7yuA03LEDu
Score3/10 -