General
-
Target
4f88d15e8486abcd9b0f1da8379ecd09dbb266931f985c5b1db2887e0863a891
-
Size
42KB
-
Sample
220201-mfy7tadde3
-
MD5
aaf0eb8b080328cffc64725e4eebd4b3
-
SHA1
97c825b7f2a3fa47aa894a503a1e9ccf4c47fb04
-
SHA256
4f88d15e8486abcd9b0f1da8379ecd09dbb266931f985c5b1db2887e0863a891
-
SHA512
7c16841346e29e123efdaaf2b750a5f3fcbbc4872f3525732b8bd33339e36bd338d744a690819be962c556e747f60edff000fe2ddb00e364feb557393e1826d2
Behavioral task
behavioral1
Sample
4f88d15e8486abcd9b0f1da8379ecd09dbb266931f985c5b1db2887e0863a891.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
4f88d15e8486abcd9b0f1da8379ecd09dbb266931f985c5b1db2887e0863a891.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
8877
outlook.com
auredosite.club
vuredosite.club
-
base_path
/grower/
-
build
250206
-
dga_season
10
-
exe_type
loader
-
extension
.grow
-
server_id
12
Targets
-
-
Target
4f88d15e8486abcd9b0f1da8379ecd09dbb266931f985c5b1db2887e0863a891
Score
8/10
-
Sets service image path in registry
-