Behavioral task: behavioral1
Sample: 3d0173f7601169b76be9073a46c7f81335c19bcedb07aae411e3c8ff257d46b0.bin.dll
Resource: win7-en-20210920
windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: 3d0173f7601169b76be9073a46c7f81335c19bcedb07aae411e3c8ff257d46b0.bin.dll
Resource: win10-en-20211014
windows10_x64
0 signatures
0 seconds

General
Target: 3d0173f7601169b76be9073a46c7f81335c19bcedb07aae411e3c8ff257d46b0.bin
Size: 54KB
MD5: 54ce84a286edaa47770e16d28b2f6d4c
SHA1: 2b1fa03645cb1a5488ba8196389a1c899c48231e
SHA256: 3d0173f7601169b76be9073a46c7f81335c19bcedb07aae411e3c8ff257d46b0
SHA512: bfc30ce682a5f0a2b31ab27d52b3119b8d35f5a888ca71c5b179e573c9be9aed1b78ce70730e9e4b28d97b8e649357e7f7d5cf946cd0b157445e8218cb460ef2

Malware Config
Extracted
Family: gozi_ifsb
Botnet: 8899
C2:
  msn.com/mail
  realitystorys.com
  outlook.com/signup
  gderrrpololo.net
Attributes:
  build: 260212
  dga_season: 10
  exe_type: loader
  server_id: 12
rsa_pubkey.plain
serpent.plain

Signatures
Gozi_ifsb family

Files
3d0173f7601169b76be9073a46c7f81335c19bcedb07aae411e3c8ff257d46b0.bin.dll windows x86