General
Target: cessentl1.dll
Size: 449KB
Sample: 210325-fk36nwc2h6
MD5: caec766872f0fc3c7e4af0bf1e5cc939
SHA1: dfb603663f5de381eafb617dccf51a2c30f34a4d
SHA256: afe4ae071261d7c5e03b4e96e253182a270d1e2c4f772d4d947e5d5cf3005984
SHA512: aa22e020c44220258aabf0950de87846860c4a7bea1a6e9c50f2a7fa6ca537952398b2322acab8a24c75424cabc1466cf00714d884db4f2252bf60b586e0ecf1
Static task: static1
Behavioral task: behavioral1
Sample: cessentl1.dll
Resource: win7v20201028
Malware Config
Extracted
gozi_rm3
210301
https://gotoregt.space
build: 300960
exe_type: loader
non_target_locale: RU
server_id: 12
url_path: index.htm
Targets
Target: cessentl1.dll
Blocklisted process makes network request