General
-
Target
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba
-
Size
126KB
-
Sample
220320-dypawsgab3
-
MD5
cbbc58e6c361cadbe803e2b5db17307e
-
SHA1
86764e2af88b290aa12669369d882a663a264c4d
-
SHA256
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba
-
SHA512
826d8ac99ccd75cd6fa95235ff2979e997d396e30a5ae81c9a7781a02c8560c9398bbda567edfc586d4a14244126cfde58c1f752d68b382bd5872f1337312a2a
Static task
static1
Behavioral task
behavioral1
Sample
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba.exe
Resource
win7-20220310-en
Malware Config
Extracted
gozi_ifsb
1051
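c.s-microsoft.com
ajax.googleapis.com
vlasdmkdmewnfjfnd.xyz
Note: c.s-microsoft.com and ajax.googleapis.com are legitimate Microsoft and Google hostnames; their presence in the extracted config does not by itself make them usable block-list indicators.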
-
build
250166
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
107.174.86.134
107.175.127.22
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba
-
Size
126KB
-
MD5
cbbc58e6c361cadbe803e2b5db17307e
-
SHA1
86764e2af88b290aa12669369d882a663a264c4d
-
SHA256
ef78d1bc0863a7e939b37e2daefe96450cd44e207d52e8663030fb1780eea7ba
-
SHA512
826d8ac99ccd75cd6fa95235ff2979e997d396e30a5ae81c9a7781a02c8560c9398bbda567edfc586d4a14244126cfde58c1f752d68b382bd5872f1337312a2a
-