Analysis
max time kernel: 31s
max time network: 11s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 20:18
Static task: static1
Behavioral task: behavioral1
Sample: a8a24bfdf5de4000030be38cc90e3e24e9f215e87a351b6d80825bd9781fe23a.exe
Resource: win7v20201028, windows7_x64
0 signatures
0 seconds
General
Target: a8a24bfdf5de4000030be38cc90e3e24e9f215e87a351b6d80825bd9781fe23a.exe
Size: 149KB
MD5: 6ceb3ccf75e4da807c3e145335777ab0
SHA1: 4f1fda8c8279acb1daf629a790ea26d363e0317b
SHA256: a7ccb16be21a4545df6e4edc1574b36a3c209fe040243bd70aec35b031a4e9ac
SHA512: 6e92841bb34da468c592586fc15e38d72277089923d7fa0a7cd8d54210245277366fb8ccfd4fdd16310d87969d7276be7ffa2218a3a45cc58f4ad4b9fb71d831
Malware Config
Extracted
Family: ursnif
Botnet: 3475
C2:
google.com
gmail.com
q982yeq23.xyz
t7763jykqeiy.com
hjruu.com
Attributes
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 1.320669898e+09
dga_season: 10
dga_tlds: com ru org
dns_servers
rsa_pubkey.base64
serpent.plain