General

  • Target

    dea0b318ee9e32956ce033f216a072d6112b39dab20c5616d157ce524b38b994

  • Size

    64KB

  • MD5

    d7871e818a404134fcd16f5e976f8fd3

  • SHA1

    3bba35f05b2077d6fe62950957b00e90ac85359a

  • SHA256

    dea0b318ee9e32956ce033f216a072d6112b39dab20c5616d157ce524b38b994

  • SHA512

    f380a3009123fa979e7847a5c3318454b8fc5de12a7d9a18671cf463b3933000f48332091ca89005018bad460e2200905985655a7622f7542c771858cbd2fadf

  • SSDEEP

    1536:7WFhQc1KGDehqlalXyr/ZWE+LXUmIfhtv5JW:inRD+qlalir/AXUmIfnRY

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1100

C2

api10.laptok.at/api1

golang.feel500.at/api1

go.in100k.at/api1

Attributes
  • build

    250171

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    730

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • dea0b318ee9e32956ce033f216a072d6112b39dab20c5616d157ce524b38b994
    .dll windows x86

