General
Target: variableVar.jpg
Size: 563KB
Sample: 210313-cgmqz3pmr6
MD5: 3004a64ba549f0a7d15d394d1f3e955e
SHA1: a0e33fe6861a1afb2f201d6166a6e6e5414d9108
SHA256: 4080ff8f402587476926487e628103c97d0519f65f4d3222b152507e60816059
SHA512: 52d0be6e082f9449fb6f811c4e2edc1b034b0de5cd675c4a66f01fb6e4a7e024608f35bb80d36b5fa954da1c2d36f0a7015c258dc39f04d0fcad73a856771482
Static task: static1
Behavioral task: behavioral1
Sample: variableVar.jpg.dll
Resource: win7v20201028
Malware Config
Extracted
gozi_ifsb
5500
build: 250177
dga_season: 10
exe_type: loader
server_id: 12
Targets
Target: variableVar.jpg
Suspicious use of SetThreadContext