General
-
Target
SecuriteInfo.com.W32.AIDetect.malware1.29648.1313
-
Size
283KB
-
Sample
210226-an45d269qa
-
MD5
7270108facd5a2a3f767ef0605cf2572
-
SHA1
cba5906ccfe6346aea95dd6423c4a6c4f1231771
-
SHA256
33b931c8f19d3ef8b354cc7ca24ebfbb2cdf2b83e5717b1dd7c81cef80238591
-
SHA512
6652d34b3fcb93f9632222a90bbc6f4605c045a38081ed2414ad1efae3e5513b94b6b24357ec593cde1c7e75fa7e8dfc8f917bb8ce459d8a6a8a602785fc630b
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.AIDetect.malware1.29648.1313.exe
Resource
win7v20201028
Malware Config
Extracted
gozi_ifsb
6565
-
build
250177
-
dga_season
10
-
exe_type
loader
-
server_id
12
Targets
-
Deletes itself
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-