General
-
Target
617683636aa85.tiff
-
Size
942KB
-
Sample
211025-magetaghcr
-
MD5
63bf1fa8174987625e5e43cb0ed13e82
-
SHA1
644b87f4721c0b9b5409d19717dffea20b788081
-
SHA256
42b7c2ea97c98f21d2a5fb271364530115369f9bb08ef03fa57013cc036b6f00
-
SHA512
1ddd98f42cb271bd55f96a2291951ec761f81b8958269e67166c74ff40c3ce65a96c0011c4a024a6b1c54709043ab8cba4b22ddefa435b20696556057c2737f8
Static task
static1
Behavioral task
behavioral1
Sample
617683636aa85.tiff.dll
Resource
win7-en-20210920
Malware Config
Extracted
gozi_ifsb
8899
msn.com/mail
realitystorys.com
outlook.com/signup
gderrrpololo.net
-
build
260212
-
dga_season
10
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
617683636aa85.tiff
-
Size
942KB
-
MD5
63bf1fa8174987625e5e43cb0ed13e82
-
SHA1
644b87f4721c0b9b5409d19717dffea20b788081
-
SHA256
42b7c2ea97c98f21d2a5fb271364530115369f9bb08ef03fa57013cc036b6f00
-
SHA512
1ddd98f42cb271bd55f96a2291951ec761f81b8958269e67166c74ff40c3ce65a96c0011c4a024a6b1c54709043ab8cba4b22ddefa435b20696556057c2737f8
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-
Blocklisted process makes network request
-