General
Target: rightWWindow.jpg
Size: 563KB
Sample: 210313-44cp7fam8a
MD5: ed24fcb1db8781f573c3e638465568da
SHA1: b0a26def3b4950163c18385ebe0fe798875078c4
SHA256: 2f5ecd0d89ed3bf3c52cfa856f1dd4f68fed09b0cc3b827e43fd8e2fbcf0bfc0
SHA512: 8c7262c237a73d6492e54adf9b724a976e1a046f1aa814f199aeb6df4cf153b296ec240a5d0c383e11a98e8763212fb37e2900e396d9e73d4d1a8ee25ceb9496
Static task: static1
Behavioral task: behavioral1
Sample: rightWWindow.jpg.dll
Resource: win7v20201028
Malware Config
Extracted
gozi_ifsb
5500
build: 250177
dga_season: 10
exe_type: loader
server_id: 12
Targets
Suspicious use of SetThreadContext