Analysis
max time kernel: 4294183s
max time network: 134s
platform: windows7_x64
resource: win7-20220310-en
submitted: 21/03/2022, 08:15
Static task: static1
Behavioral task: behavioral1
Sample: eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0.exe
Resource: win7-20220310-en
0 signatures
0 seconds
General
Target: eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0.exe
Size: 290KB
MD5: f9fdaa602c4c427bb4a32640ad9ace1d
SHA1: 28cfc8e7d3126a409b8052b7a7e24750790616f8
SHA256: eda3487d5cce3777e504ae88f362c2352de1642fa86200e005ba5a7a3bfbdec0
SHA512: ec0d214fc3fe5034d188a6e16c070e8a0d8c4f147c6a5ce6db1f7e8a4b59b698cf58bd591f2d8d67c6facab3bf4b4957c34756239482aad9743b87708be8ed3a
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 7622
C2:
botanlink.top
linkspremium.ru
premiumlists.ru
Attributes
base_path: /drew/
build: 250225
exe_type: loader
extension: .jlk
server_id: 50
rsa_pubkey.plain
aes.plain