General
-
Target
eec9887fb0a1a6157c82c1319dd32e9750d616a4dc31cdbb29b2ff75028fcf04
-
Size
500KB
-
Sample
220201-c9d4mafefk
-
MD5
4ea313151ad65a9eb770b60fd991de63
-
SHA1
69b3e1476205aac3e8912a87bbb2095f6c9d89ab
-
SHA256
eec9887fb0a1a6157c82c1319dd32e9750d616a4dc31cdbb29b2ff75028fcf04
-
SHA512
4dea30aed504462af08e6e4c46995b27a7a478a1832ffdbb4d126f981f349b08c010b15e99e7d87e85d23c629ab76ee82e50bfd808562b2acd8937eaa4f513fa
Static task
static1
Behavioral task
behavioral1
Sample
eec9887fb0a1a6157c82c1319dd32e9750d616a4dc31cdbb29b2ff75028fcf04.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
eec9887fb0a1a6157c82c1319dd32e9750d616a4dc31cdbb29b2ff75028fcf04.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
-
build
214085
Extracted
gozi_ifsb
3428
google.com
gmail.com
ztoy.top
qmiller.club
vipresleynz.com
-
build
214085
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
eec9887fb0a1a6157c82c1319dd32e9750d616a4dc31cdbb29b2ff75028fcf04
Score
10/10
-
Sets service image path in registry
-