General
-
Target
c206f90bd8e3a34f7eb522e01dba93e5dd8282a7573bbf03e6a91434c9d4a7fa
-
Size
42KB
-
Sample
220201-k94chscfd9
-
MD5
50f6f5e7eed54c3d981f33fce45bcfe5
-
SHA1
2e6dea36eeda83e5f8f7d4bf3589d6bca42c50ed
-
SHA256
c206f90bd8e3a34f7eb522e01dba93e5dd8282a7573bbf03e6a91434c9d4a7fa
-
SHA512
c2665fd557a4f405cbb62bd8ce253a831783b44375f4538a14915ef433d39d003455ebaca3d50998701ca3a6f198073c742348d5d6e3dbb20dd5a3c14bf786a0
Static task
static1
Behavioral task
behavioral1
Sample
c206f90bd8e3a34f7eb522e01dba93e5dd8282a7573bbf03e6a91434c9d4a7fa.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
c206f90bd8e3a34f7eb522e01dba93e5dd8282a7573bbf03e6a91434c9d4a7fa.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
gozi_ifsb
-
build
217107
Extracted
gozi_ifsb
2000
w8.wensa.at/api1
-
build
217107
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
193.183.98.66
51.15.98.97
94.247.43.254
195.10.195.195
8.8.8.8
-
exe_type
loader
-
server_id
730
Targets
-
-
Target
c206f90bd8e3a34f7eb522e01dba93e5dd8282a7573bbf03e6a91434c9d4a7fa
-
Size
42KB
-
MD5
50f6f5e7eed54c3d981f33fce45bcfe5
-
SHA1
2e6dea36eeda83e5f8f7d4bf3589d6bca42c50ed
-
SHA256
c206f90bd8e3a34f7eb522e01dba93e5dd8282a7573bbf03e6a91434c9d4a7fa
-
SHA512
c2665fd557a4f405cbb62bd8ce253a831783b44375f4538a14915ef433d39d003455ebaca3d50998701ca3a6f198073c742348d5d6e3dbb20dd5a3c14bf786a0
Score10/10-
Sets service image path in registry
-