General
-
Target
2b3461725859c39356ac0ce0d98b4626fa0248c1d709d2b78342ba752f8da0f9
-
Size
265KB
-
Sample
220317-xjpgwseba6
-
MD5
9fe4fb5387565cd2fbb02d008bdfc791
-
SHA1
94b21368f4ae4b302c960a899823a1238f3f1ab1
-
SHA256
2b3461725859c39356ac0ce0d98b4626fa0248c1d709d2b78342ba752f8da0f9
-
SHA512
a51cb0edd39a25251557766652ef3dd6ef01234034d6ad12a97d26dd73d81971f528b087e94f5478976d7225480d8914a04107672b2cc87240ca25ab765db9a0
Static task
static1
Behavioral task
behavioral1
Sample
2b3461725859c39356ac0ce0d98b4626fa0248c1d709d2b78342ba752f8da0f9.exe
Resource
win7-20220311-en
Malware Config
Extracted
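Family
gozi_ifsb
Botnet
8005
C2
ssddl2.microsoft.com (a microsoft.com hostname listed in the extracted config alongside the entries below; confirm before using it as a block or detection indicator)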
siberiarrmaskkapsulrttezya.ru
sibedriamasterkkmoderatordstezya.ru
massidfberiatersksilkavayssstezya.ru
dolsggiberiaoserkmikluhasya.chimkent.su
dolsibegriaosersk4ermanderezya.chimkent.su
rdosdripakloserikabyatezya.chimkent.su
rusddripakoloserufinurtdrfezya.chimkent.su
ripakteenrufinishryeuliliezya.ru
rufiteemnisripakhglassdzya.ru
rufinisrufripakhmileronurzya.ru
rurugyrfripakinishtokokusstezya.ru
rufislomnishsripakerdfnstezya.adygeya.su
-
build
250161
-
dns_servers
107.174.86.134
107.175.127.22
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
2b3461725859c39356ac0ce0d98b4626fa0248c1d709d2b78342ba752f8da0f9
-
Size
265KB
-
MD5
9fe4fb5387565cd2fbb02d008bdfc791
-
SHA1
94b21368f4ae4b302c960a899823a1238f3f1ab1
-
SHA256
2b3461725859c39356ac0ce0d98b4626fa0248c1d709d2b78342ba752f8da0f9
-
SHA512
a51cb0edd39a25251557766652ef3dd6ef01234034d6ad12a97d26dd73d81971f528b087e94f5478976d7225480d8914a04107672b2cc87240ca25ab765db9a0
-
Gozi_JJ_loader
-
Gozi_JJ_loader_0
-