General
Target: gozi.dll
Size: 400KB
Sample: 210528-ksjjc6agta
MD5: 0c73469f171a9ed0d5e29d929e4a3180
SHA1: 653e93c5583fa58037139e0fc61bcdd0e65974ad
SHA256: f2147511fb2f25676365c0fa04756007d8311b9a730d618bf344e5946fd4395e
SHA512: 8ed1137bc3efae03200b8ac89540c78946343adb4e055de4a07c8d5076603d353a33a74c63df05e1bd42556650b20224b981a6262de9c5fa171c7c5ab481df17
Static task: static1
Behavioral task: behavioral1
Sample: peppercorn.swift.dll
Resource: win7v20210410
Malware Config
Extracted
gozi_ifsb
3300
api10.laptok.at/api1
build: 250155
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 730
Targets
Target: peppercorn.swift
Size: 531KB
MD5: f1e7c116fad465169694a6dd801bcc1b
SHA1: 8b6a98055791f71c8bbd5379374ba85190fdb942
SHA256: 7b41dc2e287a4c05053413b9b14c8af713b68d01f5f35ac4aebf4d208337e7bf
SHA512: 8d2e22eef14475d83fb86e93956d9410c7b4ee498efba6b3d8e456f7dabd3839d86b1e8972cc44f401600a69af8d0fe457827fd22fba950e7df24a996ae715d5