General
-
Target
beneficial.odt
-
Size
643KB
-
Sample
210731-s53a3se1ej
-
MD5
9f9830791b377db452e376b1f5b7a609
-
SHA1
4a7bb8bf507fbcd55aad260b9de7aad24a8ce83a
-
SHA256
e1eccd1c27d390a9b08fe3314e450b97348d36fccf0cdada901edf9270a503bd
-
SHA512
10a948089c3a6989db5c62091f76309e3c7b8ad884cd09fa5c914ae7ac5981831e618d2ee9d5d412f8ef79616d60e03f13250d074f713d21f50a3db4e74b5b7c
Static task
static1
Behavioral task
behavioral1
Sample
beneficial.odt.dll
Resource
win7v20210410
Malware Config
Extracted
gozi_ifsb
1500
gtr.antoinfer.com
app.bighomegl.at
-
build
250211
-
exe_type
loader
-
server_id
580
Targets
-
-
Target
beneficial.odt
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-
Blocklisted process makes network request
-