General
-
Target
1696-58-0x00000000001F0000-0x00000000001FE000-memory.dmp
-
Size
56KB
-
Sample
240304-ayhxbsch3t
-
MD5
3adbf2d534a6f1aacba017725f6f5fb8
-
SHA1
5fcb2f4f5eca112d81d3e2f1d0e359770002184b
-
SHA256
1a5247301746134418587ea00abac399d712eb9131bba387a12e17807b94de71
-
SHA512
81c9fb10d53f9f56936e1b8e3cc35a58e8f6794c3ea310134391cf17155d8737bb437004dd3923fc20395b318e55466d52e6edbb162f850b3c6733457fa53031
-
SSDEEP
768:A2r1W1xm3L4bvdyVofuFr8dluSHUv1oxU/Zom87E4fHA4sj3Me5l7UDo+rCf:dMbm3L4B2rFr4DU6x2JE3Q1lUnr
Behavioral task
behavioral1
Sample
1696-58-0x00000000001F0000-0x00000000001FE000-memory.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1696-58-0x00000000001F0000-0x00000000001FE000-memory.dll
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
https://config.edge.skype.com
91.215.85.186
-
base_path
/jerry/
-
build
250255
-
exe_type
loader
-
extension
.bob
-
server_id
50
Targets
Target
1696-58-0x00000000001F0000-0x00000000001FE000-memory.dmp
Score
1/10