General
-
Target
Attachment_32954.vbs
-
Size
1.4MB
-
Sample
210409-lxvtdjsswx
-
MD5
39eb3427fd329de93a19190d84273710
-
SHA1
5d9009503b3500c0b6d35e272dd9160e9d873e46
-
SHA256
adf9ca509037dc8ae4090fa9fa92c8eee621a9860a00da566b25643aa8689799
-
SHA512
37f66cd5752fa5693c8132c9bfdc0c4df05c0a8a5fe5cf9ae686b848e1196b03fbbad52babfe2c10fb2a9ba7648748883a1727fa0f79ceb0906ec6283a1366ce
Static task
static1
Behavioral task
behavioral1
Sample
Attachment_32954.vbs
Resource
win7v20201028
Malware Config
Extracted
gozi_ifsb
2200
api10.laptok.at/api1
golang.feel500.at/api1
go.in100k.at/api1
-
build
250180
-
exe_type
loader
-
server_id
730
Targets
-
-
Target
Attachment_32954.vbs
-
Size
1.4MB
-
MD5
39eb3427fd329de93a19190d84273710
-
SHA1
5d9009503b3500c0b6d35e272dd9160e9d873e46
-
SHA256
adf9ca509037dc8ae4090fa9fa92c8eee621a9860a00da566b25643aa8689799
-
SHA512
37f66cd5752fa5693c8132c9bfdc0c4df05c0a8a5fe5cf9ae686b848e1196b03fbbad52babfe2c10fb2a9ba7648748883a1727fa0f79ceb0906ec6283a1366ce
-
Deletes itself
-
Loads dropped DLL
-