Overview

overview

1

Static

static

10

2679a3c0000.dll

windows7_x64

1

2679a3c0000.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2679a3c0000.dll

  • Size

    222KB

  • MD5

    0cec0b8c595eca3575f22201205190ba

  • SHA1

    aa2e29260529ecf47dba37c3b241b0f94166d4d1

  • SHA256

    9dc1bc93c9cfc754b7e3319a7435b7446bcaf03ddc56e6d9003c6878ddf27663

  • SHA512

    73232d67f0842c365425ffa8244bcdeacabcb5211346139e3bc5057c7c2e502e1ba7c8a3688329390c9ad46aaba0aa859789a472da1f353d3087089b5e4dcbe8

Score
10/10
4474gozi_ifsb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4474

C2

lycos.com

mail.yahoo.com

193.56.255.251

193.56.255.250

193.56.255.249

numolerunosell.online

gumolerunosell.online

rumolerunosell.online
Attributes
  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    worker

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • 2679a3c0000.dll
    .dll windows x64