Analysis
max time kernel: 4294183s
max time network: 126s
platform: windows7_x64
resource: win7-20220311-en
submitted: 21/03/2022, 08:14
Static task: static1
Behavioral task: behavioral1
Sample: 50ed0329ffb7ae83f7a8042ef7f6bd5af5f308e52f479965358cfe4d646b1847.exe
Resource: win7-20220311-en
0 signatures
0 seconds
General
Target: 50ed0329ffb7ae83f7a8042ef7f6bd5af5f308e52f479965358cfe4d646b1847.exe
Size: 273KB
MD5: c0de3291fe744c4941a518ac41cdcd10
SHA1: 07a83577f3af719d8cf386d9768edb24a104abab
SHA256: 50ed0329ffb7ae83f7a8042ef7f6bd5af5f308e52f479965358cfe4d646b1847
SHA512: a64a7a039a5e2e3639eec32b6e79f8f89cd815a3ea581a944a74d943699b30122351512ed7344d5862fcfc6d85422e6d1d27dc849beb6a5e388928c79daf14e3
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 7622
C2: botanlink.top, linkspremium.ru, premiumlists.ru
Attributes
base_path: /drew/
build: 250225
exe_type: loader
extension: .jlk
server_id: 50
rsa_pubkey.plain
aes.plain