Overview

overview

10

Static

static

b39a6f06e2...b2.exe

windows7_x64

10

b39a6f06e2...b2.exe

windows10_x64

10

Analysis

  • max time kernel
    7s
  • max time network
    9s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    01-03-2021 09:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b39a6f06e279f02fc14cefc4d13895b2.exe

  • Size

    196KB

  • MD5

    b39a6f06e279f02fc14cefc4d13895b2

  • SHA1

    51a61bcddc41f5fba51d1d9ea85e156587867174

  • SHA256

    1592f542473e48b5a4ceac2f276254d0e8c4c7f820e500979f2a787bb6e32507

  • SHA512

    e950db78cd562fc83cd485f7544eb0acabe9f8ddc0ef9bbc782a56d0d04b0506c469f260acb2b78e6fc17cc392f3065162af084b08f0e865acb3896d67d30b60

Score
10/10
gozi_ifsb6565bankertrojan

Malware Config

Extracted

Family

gozi_ifsb

Botnet

6565

C2

updates.microsoft.com

klounisoronws.xyz

darwikalldkkalsld.xyz
Attributes
  • build

    250177

  • dga_season

    10

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.base64
serpent.plain

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\b39a6f06e279f02fc14cefc4d13895b2.exe
    "C:\Users\Admin\AppData\Local\Temp\b39a6f06e279f02fc14cefc4d13895b2.exe"
    1⤵
      PID:1056

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1056-2-0x0000000002FB0000-0x0000000002FC1000-memory.dmp
      Filesize

      68KB

      Download
    • memory/1056-3-0x0000000000020000-0x000000000002C000-memory.dmp
      Filesize

      48KB

      Download
    • memory/1056-4-0x0000000000400000-0x000000000040F000-memory.dmp
      Filesize

      60KB

      Download