gozi_ifsb | 06c77562bdd0cc66c87571dd9424c3c340289f3a94f458df029a536c911d0100 | Triage

Submit
Reports

Overview

overview

Static

static

06c77562bd...00.dll

windows7_x64

1

06c77562bd...00.dll

windows10-2004_x64

8

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

06c77562bdd0cc66c87571dd9424c3c340289f3a94f458df029a536c911d0100.dll

Resource

win7-en-20211208

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

06c77562bdd0cc66c87571dd9424c3c340289f3a94f458df029a536c911d0100.dll

Resource

win10v2004-en-20220113

windows10-2004_x64

0 signatures

0 seconds

General

Target

06c77562bdd0cc66c87571dd9424c3c340289f3a94f458df029a536c911d0100
Size

55KB
MD5

70adbf361b9d7148e2e2f58b84322028
SHA1

ee8485039eec5095d933ff38b804e486a06f7f2c
SHA256

06c77562bdd0cc66c87571dd9424c3c340289f3a94f458df029a536c911d0100
SHA512

2a606ad3483752d7376a122808bf8ef561f4cf935ee753de2a1697e81eadc4aaf1850547cb77110bdf906945f00929816ac03299680dd0fe673ef5ad4ab6991e
SSDEEP

1536:m3xCQc14ZSaZtXI7WTM2qlalXFL+KNNSMygvP7:m3xCnnanXdM2qlalVSUNSMygv

Score

10^/10

8877 gozi_ifsb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

8877

C2

outlook.com

auredosite.club

vuredosite.club

Attributes

base_path
/grower/
build
250206
dga_season
10
exe_type
loader
extension
.grow
server_id
12

rsa_pubkey.plain

serpent.plain

Signatures

Gozi_ifsb family
gozi_ifsb

Files

06c77562bdd0cc66c87571dd9424c3c340289f3a94f458df029a536c911d0100
.dll windows x86

81fb59eb9e86609b0780b349ef3d81a8

Code Sign

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ord2
ord16
ord15
ord6

Sections

.text
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy