General
-
Target
d.vbs
-
Size
1.4MB
-
Sample
210318-l3v5dqezd2
-
MD5
c401465cb8e7f200ed7ec5fdb70cc617
-
SHA1
15a9df9afca4c60d6d38b7bc68be0ea141d7d7f8
-
SHA256
d37c04ff173c28adb69de9f947eeb65184f9a3d69a33fde8f959b36ddc52bc89
-
SHA512
5024c2a96a767af9bb04f0b59cc25aba89c420f995956970cb8fee049e4d75118973071159f81e1b4082b597bb1c1c91c6f20914ebe0479a9321d48772831188
Static task
static1
Behavioral task
behavioral1
Sample
d.vbs
Resource
win7v20201028
Malware Config
Extracted
gozi_ifsb
2200
api10.laptok.at/api1
golang.feel500.at/api1
go.in100k.at/api1
-
build
250180
-
exe_type
loader
-
server_id
730
Targets
-
-
Target
d.vbs
-
Deletes itself
-
Loads dropped DLL
-