Overview

overview

10

Static

static

10

1627c6c0000.dll

windows7_x64

1

1627c6c0000.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1627c6c0000.dll

  • Size

    240KB

  • MD5

    55362c3915545bdf7e3b8e728331d1ec

  • SHA1

    fc0819f712457036ec4feedc1c171c4ae2edd5fd

  • SHA256

    75fdf8a73aa8c1cf33ec48ad60725aebb8c1258ecd8c9548e8847ec7171addcf

  • SHA512

    e78c3290ca3ecda0454b03dc66e56851325bc8381dd6b8c14588c098ef9f9e7477d1ba0bcce24bd8e7c0fdbbc8ddc1289f7b2f45b2ba81506bae88061469ed59

Score
10/10
4500gozi_ifsb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

todo.faroin.at

apr.intoolkom.at

r23cirt55ysvtdvl.onion

kas.kargoapp.at

gtk2.jamotbs.at

io.feen007.at

l46t3vgvmtx5wxe6.onion

ad7.finrokab.com

pop.biopiof.at

free.monotreener.com

tbs.fertolir.at

app.flashgameo.at
Attributes
  • exe_type

    worker

  • server_id

    580

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • 1627c6c0000.dll
    .dll windows x64