General
-
Target
cc35beb3f7b5fd6a38b1775f110f9ab527c90f3cf6e76b02e074dc2954955a4c
-
Size
64KB
-
Sample
220201-k7gqqscabl
-
MD5
6b645497a72175e510164553e888443b
-
SHA1
55c6c5b81b35713fd833cc934b9be80d378d67b7
-
SHA256
cc35beb3f7b5fd6a38b1775f110f9ab527c90f3cf6e76b02e074dc2954955a4c
-
SHA512
896b39ebfc5f21f3762292fdebd264ffad05ecad023d0b24c243d54f358be43abbf97eb2c2ceddaaa5b41a1e7da1218fdb2a4d44accd25fc66151d730c74a54d
Behavioral task
behavioral1
Sample
cc35beb3f7b5fd6a38b1775f110f9ab527c90f3cf6e76b02e074dc2954955a4c.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
cc35beb3f7b5fd6a38b1775f110f9ab527c90f3cf6e76b02e074dc2954955a4c.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
8877
outlook.com
zaluoa.live
daskdjknefjkewfnkjwe.net
-
base_path
/jkloop/
-
build
250207
-
dga_season
10
-
exe_type
loader
-
extension
.kre
-
server_id
12
Targets
-
-
Target
cc35beb3f7b5fd6a38b1775f110f9ab527c90f3cf6e76b02e074dc2954955a4c
Score
8/10
-
Sets service image path in registry
-