General
-
Target
2804e1927303f37313996430c3f824db6f0a471793ccae5d5e29216c60bda682
-
Size
746KB
-
Sample
220306-1vryyahcbp
-
MD5
97f94973600a1621a88f29704ccd221b
-
SHA1
0919ba792fd99f6d38807616125eeb2dc7b91f5b
-
SHA256
2804e1927303f37313996430c3f824db6f0a471793ccae5d5e29216c60bda682
-
SHA512
98b97764d79336814c4f1974cb896f8b8ecd3e43a64c07ea5212b06f74f68301cc3b1ec6b15244e8d4e298e464aacec85ddfd59eefa42dd9cd07d3b70e225a6e
Static task
static1
Behavioral task
behavioral1
Sample
2804e1927303f37313996430c3f824db6f0a471793ccae5d5e29216c60bda682.dll
Resource
win7-en-20211208
Malware Config
Extracted
Family
gozi_ifsb
-
Botnet
1100
-
C2
api10.laptok.at/api1
-
build
250157
-
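dga_base_url
constitution.org/usdeclar.txt (public text file the DGA reads as its word source; the host is a legitimate site, not C2 infrastructure)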
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
730
Targets
-
-
Target
2804e1927303f37313996430c3f824db6f0a471793ccae5d5e29216c60bda682
-
Size
746KB
-
MD5
97f94973600a1621a88f29704ccd221b
-
SHA1
0919ba792fd99f6d38807616125eeb2dc7b91f5b
-
SHA256
2804e1927303f37313996430c3f824db6f0a471793ccae5d5e29216c60bda682
-
SHA512
98b97764d79336814c4f1974cb896f8b8ecd3e43a64c07ea5212b06f74f68301cc3b1ec6b15244e8d4e298e464aacec85ddfd59eefa42dd9cd07d3b70e225a6e
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-