General
Target: b76097aaa0ca490e5eb6b5a2dd13c5bc.dll
Size: 549KB
Sample: 211026-rfkfwaaabk
MD5: b76097aaa0ca490e5eb6b5a2dd13c5bc
SHA1: 9920ece38424d7902ffb7c28ae1b5c0d33e19aa8
SHA256: 8f409a0d417462b342281b3f869a397ed4f5b8fd5841d140c8c57e7df39ff4b0
SHA512: 16457a472ae064ccb3f8dc2e2d3231380c58c607f947a0570ac2a0cb54babbb27f542a778f367bcf81f15715da6378525b0e6e4fc10e2b571051a1bf8e3edb37
Static task: static1
Behavioral task: behavioral1
Sample: b76097aaa0ca490e5eb6b5a2dd13c5bc.dll
Resource: win7-en-20210920
Malware Config
Extracted
gozi_ifsb
8899
http://microsoft.com.login/
https://premiumweare.com
https://gloverunomai.com
build: 260212
dga_season: 10
exe_type: loader
server_id: 12
Targets
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
Blocklisted process makes network request