General
-
Target
1312-57-0x0000000000220000-0x00000000002B0000-memory.dmp
-
Size
576KB
-
Sample
240305-1q5dgaad9w
-
MD5
00999d0c7441f7df98d7c51555e49b49
-
SHA1
c82684c033dca25a5e06239dd89c26ba50290769
-
SHA256
46b3c88f0c0b01af8133ea8f70ead6ac5728194ad6dc5fa2a28835bce5b1b0e8
-
SHA512
b4c2df11efadafd39dbf388c2b98b9816dba2aa689a7a58aaee165a7dc984002b27e0a0d458f677f9926854061762c09cf550aee1eb8b5294cfa6be8fef6a605
-
SSDEEP
768:B2fdU27y2VWZYmACvCsyXAXdHon1a7KLtA/+aPW0d6dfXSt8wpaJMHg4k+R:+u2+2VoYmAwyAtv7K6maPFwdf/wmSk
Behavioral task
behavioral1
Sample
1312-57-0x0000000000220000-0x00000000002B0000-memory.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1312-57-0x0000000000220000-0x00000000002B0000-memory.dll
Resource
win10v2004-20240226-en
Malware Config
Extracted
gozi
Extracted
gozi
5050
https://config.edge.skype.com
91.215.85.222
-
base_path
/jerry/
-
build
250257
-
exe_type
loader
-
extension
.bob
-
server_id
50
Targets
-
-
Target
1312-57-0x0000000000220000-0x00000000002B0000-memory.dmp
-
Size
576KB
-
MD5
00999d0c7441f7df98d7c51555e49b49
-
SHA1
c82684c033dca25a5e06239dd89c26ba50290769
-
SHA256
46b3c88f0c0b01af8133ea8f70ead6ac5728194ad6dc5fa2a28835bce5b1b0e8
-
SHA512
b4c2df11efadafd39dbf388c2b98b9816dba2aa689a7a58aaee165a7dc984002b27e0a0d458f677f9926854061762c09cf550aee1eb8b5294cfa6be8fef6a605
-
SSDEEP
768:B2fdU27y2VWZYmACvCsyXAXdHon1a7KLtA/+aPW0d6dfXSt8wpaJMHg4k+R:+u2+2VoYmAwyAtv7K6maPFwdf/wmSk
Score3/10 -