General
-
Target
7aa84b4ce4fbf937632d3008981c3ef8ff63e1ff846fdbb55060f3973d2507a9
-
Size
252KB
-
Sample
220201-f86n2aaad8
-
MD5
a7cbf4937c36b65d7af6aeb54e8b63f0
-
SHA1
c1bff59350a7117762e34817f2a0f2edbdec11bf
-
SHA256
7aa84b4ce4fbf937632d3008981c3ef8ff63e1ff846fdbb55060f3973d2507a9
-
SHA512
296cdb6ef6001a2c9c3d190b70d8a4e1be97ad11e8c0d7ae02730f190989fd0a8d7bdcc73ec06832bf0f75b23c2fc808b7b773a96644d03f46017e49a37c877a
Static task
static1
Behavioral task
behavioral1
Sample
7aa84b4ce4fbf937632d3008981c3ef8ff63e1ff846fdbb55060f3973d2507a9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
7aa84b4ce4fbf937632d3008981c3ef8ff63e1ff846fdbb55060f3973d2507a9.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
-
build
217083
Extracted
gozi_ifsb
2000
x1.narutik.at/webstore
cdn5.narutik.at/webstore
cd.pranahat.at/webstore
-
build
217083
-
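dga_base_url
constitution.org/usdeclar.txt (a public text file on a legitimate site, apparently used as the input text for the DGA; a request to it is not, on its own, evidence of attacker-controlled infrastructure)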
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
172.104.136.243
8.8.8.8 (Google Public DNS, a shared public resolver; not a usable indicator on its own)
176.126.70.119
51.15.98.97
193.183.98.66
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
7aa84b4ce4fbf937632d3008981c3ef8ff63e1ff846fdbb55060f3973d2507a9
-
Size
252KB
-
MD5
a7cbf4937c36b65d7af6aeb54e8b63f0
-
SHA1
c1bff59350a7117762e34817f2a0f2edbdec11bf
-
SHA256
7aa84b4ce4fbf937632d3008981c3ef8ff63e1ff846fdbb55060f3973d2507a9
-
SHA512
296cdb6ef6001a2c9c3d190b70d8a4e1be97ad11e8c0d7ae02730f190989fd0a8d7bdcc73ec06832bf0f75b23c2fc808b7b773a96644d03f46017e49a37c877a
-