gozi_ifsb | d3732cfb3cf320fbafcd332dcf4db90b5d306bf4e16518248a571124599e07cb | Triage

Submit
Reports

Overview

overview

Static

static

d3732cfb3c...cb.dll

windows7_x64

1

d3732cfb3c...cb.dll

windows10-2004_x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

d3732cfb3cf320fbafcd332dcf4db90b5d306bf4e16518248a571124599e07cb.dll

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

d3732cfb3cf320fbafcd332dcf4db90b5d306bf4e16518248a571124599e07cb.dll

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

General

Target

d3732cfb3cf320fbafcd332dcf4db90b5d306bf4e16518248a571124599e07cb
Size

42KB
MD5

e925c5008b817fab066c50aad00eadfb
SHA1

8b160a12a9709770bdea5a527bb7d1f209c26f1a
SHA256

d3732cfb3cf320fbafcd332dcf4db90b5d306bf4e16518248a571124599e07cb
SHA512

3123db29fbe8a9150aa84a46a9b6cbf7e2dc5e85339facbd5d666ce4cd58e2dea0abf1aff57bd3b3023a210405c17e322e1dfead79da1693e4aec618d6b8e732
SSDEEP

768:BbbzH0OPsyw2Ujn++vkubHdxDmKC15Ax+VRfRTOAOdcLj/:tRPBun+6nrdxDm1Kx+bfR6AOiLD

Score

10^/10

1500 gozi_ifsb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1500

C2

apt.updateffboruse.com

app.updatebrouser.com

Attributes

build
250211
exe_type
loader
server_id
580

rsa_pubkey.plain

aes.plain

Signatures

Gozi_ifsb family
gozi_ifsb

Files

d3732cfb3cf320fbafcd332dcf4db90b5d306bf4e16518248a571124599e07cb
.dll windows x86

5a55101162d5dd43f647d5d0d11f468d

Code Sign

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ord2
ord16
ord15
ord6

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy