General
-
Target
2004-56-0x0000000000400000-0x00000000004C6000-memory.dmp
-
Size
792KB
-
Sample
240302-n5zqbadb2x
-
MD5
43e4c8cf72683353f746a99a8cd6d000
-
SHA1
10c69053ad274ddb281ae6febdd78e8e5490617a
-
SHA256
e1e8fd16249da259177f455bb23f0fa439c55fbe5aa52e9cb2cbbbbaf5c3fd29
-
SHA512
27a67eb59240fcbfb95f18d8e4b577396706c6b9ea73990194811b89c1df95316dd0eba6e12ee5c750269074fdf7ae4b6c47fa9daa8a72e0f2bcaeb095c08373
-
SSDEEP
6144:fKKKH7l9MGn2b5NI9ZFFneK6VrFLI4eZu:fZKHB9MGM5N6ZznebVr0Zu
Behavioral task
behavioral1
Sample
2004-56-0x0000000000400000-0x00000000004C6000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2004-56-0x0000000000400000-0x00000000004C6000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
7710
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
Score 3/10