Resubmissions
- 20-10-2021 14:28, 211020-rs73pshbe3, 10
- 20-10-2021 14:15, 211020-rkxl1ahbc9, 4
- 20-10-2021 14:11, 211020-rhcttahbc8, 10
Analysis
- max time kernel: 17s
- max time network: 25s
- platform: windows10_x64
- resource: win10-en-20210920
- submitted: 20-10-2021 14:11
Static task
static1
General
- Target: 5e7740afdd5c5865a2304e2f7c5fc3f1cd1016f503a4b1752923f44059fd1a57.exe
- Size: 208KB
- MD5: 35e3868c7d28d2ed87248077f670c707
- SHA1: 8e54a89fc59683cee86de964ec475dea9fc5618b
- SHA256: 5e7740afdd5c5865a2304e2f7c5fc3f1cd1016f503a4b1752923f44059fd1a57
- SHA512: c8bbf7d192aff6c45005700014a22ea72832febc73b16ae925b339a356815b27bea3252917a9aa94e48fc05377b85bd1206f33c7e46fb17bdf325aff7ef40e37
Malware Config
Extracted
Family: gozi_ifsb
Attributes
- build: 214082
Extracted
Family: gozi_ifsb
Botnet: 3400
C2:
  microsoft.com
  update.microsoft.com
  avast.com
  tm90daron.club
  jamericohermann.com
  b9437ariane.com
Attributes
- build: 214082
- dga_base_url: constitution.org/usdeclar.txt
- dga_crc: 0x4eb7d2ca
- dga_season: 10
- dga_tlds: com, ru, org
- exe_type: loader
- server_id: 12
rsa_pubkey.plain
serpent.plain
Downloads
- memory/2452-115-0x0000000000D60000-0x0000000000D6E000-memory.dmp (Filesize: 56KB)
- memory/2452-116-0x0000000000D60000-0x0000000000DA8000-memory.dmp (Filesize: 288KB)
- memory/2452-117-0x00000000011E0000-0x00000000011EF000-memory.dmp (Filesize: 60KB)
- memory/2452-120-0x00000000011D0000-0x00000000011D1000-memory.dmp (Filesize: 4KB)