Overview

overview

10

Static

static

10

8.dll

windows7_x64

1

8.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8.dll

  • Size

    223KB

  • MD5

    743e07c4c2ccb80ab58c041d6388e685

  • SHA1

    c5af42bab5d14e63c1cc257989ad25337c8f137e

  • SHA256

    1b13ca64d43c95a3e8fea7a7c41fab2d1a0bcfe80575145d4342c3672428f307

  • SHA512

    23959febacae4a6403c691f69e2dcc2039d443197eecb274cad4a9ba0d93f79dc4aa27f992564e91242f77c7e43fa71dafb87d2b16311d0406ba3cd1bf2011ea

Score
10/10
8877gozi_ifsb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

8877

C2

microsoft.com/blog

193.239.84.205

193.239.84.206

193.239.84.207

kloooplooloaaa.nl

jdkloooqppwopppp99.nl

claritymodules.nl
Attributes
  • dga_season

    10

  • dns_servers

    107.174.86.134

    107.175.127.22

  • exe_type

    worker

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • 8.dll
    .dll windows x64