General
-
Target
bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea
-
Size
273KB
-
Sample
220321-j5mcrsafcj
-
MD5
cb48ba54cf73cba6499d7622b50b89da
-
SHA1
9311c9855479396b7c9725c3eb9cedde7e1378ec
-
SHA256
bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea
-
SHA512
3749df35f8a6221a4010c03f873dd5b3a00438ee91c8c5845d700409e510e5527f7551e34b23cc1fcef9679cdcece62195fd743476c4e25663057058dab74ba4
Static task
static1
Behavioral task
behavioral1
Sample
bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea.exe
Resource
win7-20220311-en
Malware Config
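Extracted
Family: gozi_ifsb
Botnet: 7622 (field label lost in extraction; presumed to be the botnet/group ID)
C2 (field label lost in extraction; presumed to be the configured C2 domains):
botanlink.top
linkspremium.ru
premiumlists.ru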
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea
-
Size
273KB
-
MD5
cb48ba54cf73cba6499d7622b50b89da
-
SHA1
9311c9855479396b7c9725c3eb9cedde7e1378ec
-
SHA256
bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea
-
SHA512
3749df35f8a6221a4010c03f873dd5b3a00438ee91c8c5845d700409e510e5527f7551e34b23cc1fcef9679cdcece62195fd743476c4e25663057058dab74ba4
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-