General
-
Target
5f8505acb78a963aaae1e8ecac11613cdf388b10634c53968f8b324623fd8644
-
Size
42KB
-
Sample
220201-mbrxyadch3
-
MD5
a81bcd214e3083d82bf38d3916331722
-
SHA1
18d5ad4ad4183a8a49c878725c9d78ac39a1372a
-
SHA256
5f8505acb78a963aaae1e8ecac11613cdf388b10634c53968f8b324623fd8644
-
SHA512
12ab4f48dae7181819c8f75490a52219f13a3fbd50f196e6b044cebac3a21417baf526e0d59e12d8973ebbfcfe7d67f09a96e9323c90c5e9d0af3f660363ee3a
Behavioral task
behavioral1
Sample
5f8505acb78a963aaae1e8ecac11613cdf388b10634c53968f8b324623fd8644.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
5f8505acb78a963aaae1e8ecac11613cdf388b10634c53968f8b324623fd8644.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
8877
outlook.com
zaluoa.live
daskdjknefjkewfnkjwe.net
-
base_path
/jkloop/
-
build
250207
-
dga_season
10
-
exe_type
loader
-
extension
.kre
-
server_id
12
Targets
Score
8/10
-
Sets service image path in registry
-