Analysis
max time kernel: 4294182s
max time network: 126s
platform: windows7_x64
resource: win7-20220311-en
submitted: 21/03/2022, 08:15
Static task: static1
Behavioral task: behavioral1
Sample: bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea.exe
Resource: win7-20220311-en
0 signatures
0 seconds
General
Target: bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea.exe
Size: 273KB
MD5: cb48ba54cf73cba6499d7622b50b89da
SHA1: 9311c9855479396b7c9725c3eb9cedde7e1378ec
SHA256: bc2bd3c448b2348629da59a454f409ad5b60f2eb21f175e7e49dd04b2703c0ea
SHA512: 3749df35f8a6221a4010c03f873dd5b3a00438ee91c8c5845d700409e510e5527f7551e34b23cc1fcef9679cdcece62195fd743476c4e25663057058dab74ba4
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 7622
C2: botanlink.top, linkspremium.ru, premiumlists.ru
Attributes
base_path: /drew/
build: 250225
exe_type: loader
extension: .jlk
server_id: 50
rsa_pubkey.plain
aes.plain