Analysis
max time kernel: 30s
max time network: 8s
platform: windows7_x64
resource: win7v20201028
submitted: 09-11-2020 20:18
Static task: static1
Behavioral task: behavioral1
Sample: d2cf37694cdb309cce804473c01072b8d1c3c1e9b82b41e432083f0d49299d2d.exe
Resource: win7v20201028, windows7_x64
0 signatures
0 seconds
General
Target: d2cf37694cdb309cce804473c01072b8d1c3c1e9b82b41e432083f0d49299d2d.exe
Size: 149KB
MD5: 8a284bd4b467f47a0c7f32e9d5bb99ea
SHA1: 5820c7e13bc3eaa8b54ee7ccd00d9bf8d7268e91
SHA256: 2bd5a5a663b3a2818136ba7f1b3c431c50de70e70416b9bcdce3fee23ee3353e
SHA512: 2782c3cfb036c17130be4e0070caf327f619251c7134122962b5b9a54e5c13d9e1e7a5a1a6df7fd0674e8c620ae9e0fcfed241ef8a1ec28a89665f402c78eeca
Malware Config
Extracted
Family: ursnif
Botnet: 3475
C2:
  google.com
  gmail.com
  q982yeq23.xyz
  t7763jykqeiy.com
  hjruu.com
Attributes:
  dga_base_url: constitution.org/usdeclar.txt
  dga_crc: 1.320669898e+09
  dga_season: 10
  dga_tlds: com ru org
  dns_servers
  rsa_pubkey.base64
  serpent.plain