General
Target: ed3bb183361d854959b4e3fd46a734ec957eabe9609b6a25f05c6dec39715f3a.zip
Size: 211KB
Sample: 210311-wk1csdpzxn
MD5: aa6cf9fa7152abc15382488145a1394f
SHA1: f28401be386b2c7e4f30a8323243991956ef3f83
SHA256: 865174220f6c4720c8c5f3aa973785abea173d041a9b755186eff90a02c670f8
SHA512: bb7db2e48640c6afb7ee1ef60e866d415b1037e19f06001839a2e4cd930d5430fd1e299deae3b9948f505075da43bb898c1f57453025c434c61cf49411c25f43
Static task: static1
Behavioral task: behavioral1
Sample: ed3bb183361d854959b4e3fd46a734ec957eabe9609b6a25f05c6dec39715f3a.vbs
Resource: win7v20201028
Malware Config
Extracted
gozi_ifsb
2200
api10.laptok.at/api1
golang.feel500.at/api1
go.in100k.at/api1
build: 250180
exe_type: loader
server_id: 730
Targets
Target: ed3bb183361d854959b4e3fd46a734ec957eabe9609b6a25f05c6dec39715f3a.vbs
Size: 780KB
MD5: e1f254d971bc086cf36dfa00d8625838
SHA1: 10f4ec1bfcadd0c3753d695d6d85463699d609a3
SHA256: ed3bb183361d854959b4e3fd46a734ec957eabe9609b6a25f05c6dec39715f3a
SHA512: 9380f2131062a9c83d7abb8e7911293debf2eeeafd45b9e60fd64b2d628a79881603db1bf69c79586920e1011dff0882cac1842dfcdee45fbb92c76a9c1aac2d
Deletes itself
Loads dropped DLL