General

Target: 8bfc0d33681f4117e5cde9ae80cc506811689240f03b6efdcde175be9191fefb
Size: 265KB
Sample: 220319-s3rzxachgj
MD5: 29d1651ef8389ba50bf0d79fff4aad1c
SHA1: 128ba046f2adb250471383e54a5c110593933df5
SHA256: 8bfc0d33681f4117e5cde9ae80cc506811689240f03b6efdcde175be9191fefb
SHA512: 78c8969c4d213de79c439c735fdfe20f734a531e3f25ad853972d7eb6dbe5eabcb2b7ba154562f4f1f7cc1f86b169cadb570b282cdc9507e420fa18e62e435bf
Static task: static1
Behavioral task: behavioral1
Sample: 8bfc0d33681f4117e5cde9ae80cc506811689240f03b6efdcde175be9191fefb.exe
Resource: win7-20220311-en
Malware Config

Extracted: gozi_ifsb
8005
build: 250161
dns_servers: 107.174.86.134, 107.175.127.22
exe_type: loader
server_id: 12
Targets
Suricata alerts:
- ET MALWARE Possible Zeus .ru CnC Domain Generation Algorithm (DGA) Lookup Detected
- ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)