General
-
Target
1568-56-0x0000000000400000-0x00000000004DB000-memory.dmp
-
Size
876KB
-
Sample
240303-k8r8vsgg83
-
MD5
e0c227f092cd392122b33d2ca02ba9da
-
SHA1
88f3d1c7030a450926835796b1afafb672bc0da0
-
SHA256
2b27d98ef5dd777c7e4aec21d9fc76408f73ecd27c25cea705d06d0a8d2c9e5f
-
SHA512
fe647fb7651ab232263cdf708c990a30464f4baeb9c9bf0425d32cdede3cf70ebad76981563d02ade6926b07049fadecf95bf7c2fb6fa32b77f1e010ef1d7f54
-
SSDEEP
3072:VfKlVNoVUE3HnPatQNb5AACG/TuSn4G+btjGWHAoGAVfAgwn0F:RKlVOVUuvsC12Sv8xHGT
Behavioral task
behavioral1
Sample
1568-56-0x0000000000400000-0x00000000004DB000-memory.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1568-56-0x0000000000400000-0x00000000004DB000-memory.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Extracted
gozi
7715
checklist.skype.com
62.173.142.50
31.41.44.87
109.248.11.217
212.109.218.151
5.44.45.83
62.173.142.81
193.233.175.113
109.248.11.184
212.109.218.26
185.68.93.7
-
base_path
/drew/
-
build
250255
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
1568-56-0x0000000000400000-0x00000000004DB000-memory.dmp
-
Size
876KB
-
MD5
e0c227f092cd392122b33d2ca02ba9da
-
SHA1
88f3d1c7030a450926835796b1afafb672bc0da0
-
SHA256
2b27d98ef5dd777c7e4aec21d9fc76408f73ecd27c25cea705d06d0a8d2c9e5f
-
SHA512
fe647fb7651ab232263cdf708c990a30464f4baeb9c9bf0425d32cdede3cf70ebad76981563d02ade6926b07049fadecf95bf7c2fb6fa32b77f1e010ef1d7f54
-
SSDEEP
3072:VfKlVNoVUE3HnPatQNb5AACG/TuSn4G+btjGWHAoGAVfAgwn0F:RKlVOVUuvsC12Sv8xHGT
Score3/10 -