Analysis
max time kernel: 152s
max time network: 156s
resource: win7v191014
Task: task1
Sample: d1ecc1919cb5eb738f08fb103871cd8845cef5b6bcd7bafd3fdcb2f180e64ec5.exe
Resource: win7v191014
0 signatures
Task: task2
Sample: d1ecc1919cb5eb738f08fb103871cd8845cef5b6bcd7bafd3fdcb2f180e64ec5.exe
Resource: win10v191014
0 signatures
General
Target: d1ecc1919cb5eb738f08fb103871cd8845cef5b6bcd7bafd3fdcb2f180e64ec5
Sample: 191025-hm4e2mdzf2
SHA256: d1ecc1919cb5eb738f08fb103871cd8845cef5b6bcd7bafd3fdcb2f180e64ec5
Score: N/A
Malware Config
Extracted
Family: ursnif
Botnet: 2000
C2: x1.narutik.at/webstore, cdn5.narutik.at/webstore, cd.pranahat.at/webstore
Attributes
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 1.320669898e+09
dga_season: 10
dga_tlds: com, ru, org
dns_servers: 172.104.136.243, 8.8.8.8, 176.126.70.119, 51.15.98.97, 193.183.98.66
rsa_pubkey.base64
serpent.plain