General
-
Target
1304-56-0x0000000000400000-0x00000000004C9000-memory.dmp
-
Size
804KB
-
Sample
240302-rbfxwsea7t
-
MD5
8c08a18c0f9e0f8a1de21da5fae7311c
-
SHA1
610cfc023413706db2faea9f8549824bb1c63feb
-
SHA256
99a4cfe95df165a189a2aa9dccbf3797b7cada02a1107d7cd63523d9fe72e16c
-
SHA512
d89dd66666e85cfef2790fd12f48d122e514423e6db7354d6ff95b89c5b7ae281d0e351e55cbf4418d376511b0fc3c4eb064393db536ab99f1119153340c8138
-
SSDEEP
3072:CfKwgNoVUE3HndEo6Gsm63+iDthdmeAl2tWJNwX3of6idPYdqDsptmz:cKwgOVUu9fNYKeLQPwkPYdqAb+
Behavioral task
behavioral1
Sample
1304-56-0x0000000000400000-0x00000000004C9000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1304-56-0x0000000000400000-0x00000000004C9000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Extracted
gozi
7712
checklist.skype.com
62.173.141.36
31.41.44.85
193.233.175.98
46.8.210.110
89.116.227.49
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1304-56-0x0000000000400000-0x00000000004C9000-memory.dmp
-
Size
804KB
-
MD5
8c08a18c0f9e0f8a1de21da5fae7311c
-
SHA1
610cfc023413706db2faea9f8549824bb1c63feb
-
SHA256
99a4cfe95df165a189a2aa9dccbf3797b7cada02a1107d7cd63523d9fe72e16c
-
SHA512
d89dd66666e85cfef2790fd12f48d122e514423e6db7354d6ff95b89c5b7ae281d0e351e55cbf4418d376511b0fc3c4eb064393db536ab99f1119153340c8138
-
SSDEEP
3072:CfKwgNoVUE3HndEo6Gsm63+iDthdmeAl2tWJNwX3of6idPYdqDsptmz:cKwgOVUu9fNYKeLQPwkPYdqAb+
Score3/10 -