General
Target: 8ecbae4985b7df072bd6df4b60f194fdcabd92bb336e11f8ca40987a5a81b1e3
Size: 240KB
Sample: 220201-a2jb9segg3
MD5: 4167ba311c381dbda9f12c274b81e782
SHA1: 7feb73ac6aeef592a01039131a13bfa73fbba412
SHA256: 8ecbae4985b7df072bd6df4b60f194fdcabd92bb336e11f8ca40987a5a81b1e3
SHA512: bd7ce739ead9aeb4c0c24a84ee39fcaefdf7e5f69b98b781bf61d332dc7a3ac002426c9512ded770a71ccf7572dc5227e1a04a61139661bb4fe98caf03b8caad
Behavioral task: behavioral1
Sample: 8ecbae4985b7df072bd6df4b60f194fdcabd92bb336e11f8ca40987a5a81b1e3.dll
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 8ecbae4985b7df072bd6df4b60f194fdcabd92bb336e11f8ca40987a5a81b1e3.dll
Resource: win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
1500
exe_type: worker
server_id: 580
Targets
Score: 8/10
Sets service image path in registry