General
-
Target
3319.dll
-
Size
120KB
-
Sample
210208-1678vpezkx
-
MD5
291843b31dd6243ad3b9e8c49c02e6f3
-
SHA1
e6905ed61bcd5f84e39b38e288cda4a544688154
-
SHA256
ae4cf317e4ef531b9964817fc51955cef7b0f41dcf6eabf5988e8762238e3d63
-
SHA512
d9c3de5866487ce177e3b71bd4391c5f33b483e52060d470397768cd0b7892be6eb4dd2e07e8ae30abcca8fbc08169a6e5a64c43c5996ce20f3e284c95c73be8
Static task
static1
Behavioral task
behavioral1
Sample
3319.dll
Resource
win7v20201028
Malware Config
Extracted
gozi_ifsb
3300
api10.laptok.at/api1
golang.feel500.at/api1
go.in100k.at/api1
-
build
250171
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
Targets
-
Target
3319.dll
-
Blocklisted process makes network request
-