General
-
Target
codec.dll
-
Size
345KB
-
Sample
210923-tcxyxaefdn
-
MD5
e7ac180e8217a97505fee5b06709d331
-
SHA1
85b078b46c648ec00de6e1952e4d165edbbc878e
-
SHA256
d5fe3f6846ca1f5e09e94d66a816c3fc00634013ca7bf9e35361bd185a27c395
-
SHA512
cbdab6a7e967cccb6b5cd2e611b479b367ee3b160936ec697a6c929f8ad47f767a7c427afea04e192421f1c064b00773cd53344981755bd56a6448280ac09fe5
Static task
static1
Behavioral task
behavioral1
Sample
codec.dll
Resource
win7-en-20210920
Malware Config
Extracted
gozi_ifsb
1500
apt.updateffboruse.com
app.updatebrouser.com
-
build
250211
-
exe_type
loader
-
server_id
580
Targets
-
Target
codec.dll
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-
Blocklisted process makes network request
-