General
-
Target
8a06f6660355b6b393f3ef0c42e148ad2f94e5677c375ddf415f733b06fcef32
-
Size
43KB
-
Sample
220201-lwzmvaceam
-
MD5
f52995516bb061fa7bc7f788b131cb68
-
SHA1
b8a808b508e57794aae41dc3e6d9ae64be0c0cce
-
SHA256
8a06f6660355b6b393f3ef0c42e148ad2f94e5677c375ddf415f733b06fcef32
-
SHA512
2fbaf82bdc00a3ddd8e1429867c7f980d00e41fc022b067dc5efabe7fdc35b892dcbec8203da67d86fc7756cde0bcba85bc9bf43377fbc52fe8c047c98a5287b
Behavioral task
behavioral1
Sample
8a06f6660355b6b393f3ef0c42e148ad2f94e5677c375ddf415f733b06fcef32.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
8a06f6660355b6b393f3ef0c42e148ad2f94e5677c375ddf415f733b06fcef32.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
gozi_ifsb
2200
api10.laptok.at/api1
golang.feel500.at/api1
go.in100k.at/api1
-
build
250180
-
exe_type
loader
-
server_id
730
Targets
-
-
Target
8a06f6660355b6b393f3ef0c42e148ad2f94e5677c375ddf415f733b06fcef32
-
Size
43KB
-
MD5
f52995516bb061fa7bc7f788b131cb68
-
SHA1
b8a808b508e57794aae41dc3e6d9ae64be0c0cce
-
SHA256
8a06f6660355b6b393f3ef0c42e148ad2f94e5677c375ddf415f733b06fcef32
-
SHA512
2fbaf82bdc00a3ddd8e1429867c7f980d00e41fc022b067dc5efabe7fdc35b892dcbec8203da67d86fc7756cde0bcba85bc9bf43377fbc52fe8c047c98a5287b
Score10/10-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M1 (_2B)
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-
Sets service image path in registry
-