General
-
Target
1048-56-0x00000000001D0000-0x00000000001DD000-memory.dmp
-
Size
52KB
-
Sample
240303-ed1nvsch35
-
MD5
10c1535d0b06c0be378e3fc3b014687c
-
SHA1
75d6fa0fbfa4288f32b027afaf4077ec20b76718
-
SHA256
e5f16f23b3049c8246b8d03b61ea742b77b43d1a7212768e1550b819d2a3cc6e
-
SHA512
855375fc1586d4b20a09fbf17a55414035d68fa13e8dfbf2e4557383b39101622882eb7137d244366e50baeda17420be3891d8ded3e6be7929573224ab2d7c50
-
SSDEEP
768:mkc9Q1q7n7iIS3/M4FKT+xGHewB2KyHGNc9l02dMphK3D1GcQh:mC1q63/Mgu+STBMJ9l02dM2D1GcQ
Behavioral task
behavioral1
Sample
1048-56-0x00000000001D0000-0x00000000001DD000-memory.dll
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1048-56-0x00000000001D0000-0x00000000001DD000-memory.dll
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
7715
checklist.skype.com
62.173.142.81
193.233.175.113
109.248.11.184
212.109.218.26
185.68.93.7
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1048-56-0x00000000001D0000-0x00000000001DD000-memory.dmp
-
Score
3/10