General
Target: 2032-56-0x0000000000400000-0x0000000002BBD000-memory.dmp
Size: 39.7MB
Sample: 240302-mfz44scd6x
MD5: 10a9be0fcb49d17e69759c8d309e6d73
SHA1: ab1ec467cbb626ca41feea7b31ab51c0b0067fc8
SHA256: 3e8f09f826e227916edaaa54888a8fbc3607741e6ecabb34ae6f58c069186776
SHA512: 1e244e4072aec6fba5348940040bbd38e6223f134226c4c0d452343f154c13e12a7f9ba84bbd12e508d506ffa3040fb4a3de1865714ae3e65d9288a5b6c1b8e1
SSDEEP: 3072:nfK6nKUZekHml9jSCwUaS4QirQo7GIYjj49BK5nW+HHQ3k0TfWupeU5DLK6PmUqd:fK6KH7l9Mu4rQ61ByqjfH5DLKcDqd
Behavioral task: behavioral1
Sample: 2032-56-0x0000000000400000-0x0000000002BBD000-memory.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2032-56-0x0000000000400000-0x0000000002BBD000-memory.exe
Resource: win10v2004-20240226-en
Malware Config
Extracted
gozi
7710
base_path: /drew/
build: 250255
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: 2032-56-0x0000000000400000-0x0000000002BBD000-memory.dmp
Score: 3/10