IOC Report
gozi_loader.bin.exe

Processes

Path | Cmdline | Malicious
C:\Users\user\Desktop\gozi_loader.bin.exe | C:\Users\user\Desktop\gozi_loader.bin.exe | malicious

URLs

Name | IP | Malicious
http://checklist.skype.com/drew/YJnT5wK9lbi_2FYe8Kf5y/QYTs_2B6r_2FF8l0/fLw2xZG1XgX5PrO/q_2Bnf6Otc_2F | unknown |
http://62.173.141.252/drew/y3O_2BnUepUaUzeF4C/FRcN_2F0g/JenmUZWHq05STtkRb5sf/OjHYpR2L_2F2jEOkrjw/2V_ | unknown |
http://62.173 | unknown |
http://ctldl.windowsup-k | unknown |
http://62.173.141.252/t | unknown |

Domains

Name | IP | Malicious
checklist.skype.com | unknown |

IPs

IP | Domain | Country | Malicious
62.173.141.252 | unknown | Russian Federation |

Memdumps
