General
-
Target
e655f1afb49be062cded5683df9292ff4cd602ad5d6f648dddd8778af13c44e2
-
Size
142KB
-
Sample
220201-kvxlescdb4
-
MD5
43e346d3b7f7122ea578e988ee20cc6b
-
SHA1
62aec92a3b5f2f11da0fe34a4f47fda72d46d4a6
-
SHA256
e655f1afb49be062cded5683df9292ff4cd602ad5d6f648dddd8778af13c44e2
-
SHA512
22e08ea29e440c6b6bf5ef50b8b9d07ea550d74444e59a491076b50c1fdc949fb925cc3ed73dd53721bd3180be9cb6a57755431146f15079dd2de79a1e6f4ee5
Static task
static1
Behavioral task
behavioral1
Sample
e655f1afb49be062cded5683df9292ff4cd602ad5d6f648dddd8778af13c44e2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
e655f1afb49be062cded5683df9292ff4cd602ad5d6f648dddd8778af13c44e2.exe
Resource
win10v2004-en-20220113
Malware Config
Extracted
Family
gozi_ifsb
Botnet
5500
C2
df1.kamalak.at/wpx
api3.lamanak.at/wpx
-
build
250143
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
120
Targets
-
-
Target
e655f1afb49be062cded5683df9292ff4cd602ad5d6f648dddd8778af13c44e2
-
Size
142KB
-
MD5
43e346d3b7f7122ea578e988ee20cc6b
-
SHA1
62aec92a3b5f2f11da0fe34a4f47fda72d46d4a6
-
SHA256
e655f1afb49be062cded5683df9292ff4cd602ad5d6f648dddd8778af13c44e2
-
SHA512
22e08ea29e440c6b6bf5ef50b8b9d07ea550d74444e59a491076b50c1fdc949fb925cc3ed73dd53721bd3180be9cb6a57755431146f15079dd2de79a1e6f4ee5
-