Analysis
max time kernel: 4294181s
max time network: 124s
platform: windows7_x64
resource: win7-20220311-en
submitted: 21/03/2022, 08:14
Static task: static1
Behavioral task: behavioral1
Sample: 02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe.exe
Resource: win7-20220311-en
0 signatures
0 seconds
General
Target: 02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe.exe
Size: 273KB
MD5: 5c95bd06ac65f87d5ca02af3135dcb43
SHA1: bee7ce4c588899fc70042adf7a7c632f2468fe90
SHA256: 02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe
SHA512: c5ec8fc7e7cd1ddcafead09f68b08439ecc55269529fae97717ba8d534f4865bced94580634f58f551874bf26c32cacf35dda3c09ffd56127ac32db4ca932107
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 7622
C2:
  botanlink.top
  linkspremium.ru
  premiumlists.ru
Attributes
base_path: /drew/
build: 250225
exe_type: loader
extension: .jlk
server_id: 50
rsa_pubkey.plain
aes.plain