General
-
Target
f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea
-
Size
274KB
-
Sample
220321-j5mcrsafck
-
MD5
4fe6296c8b2154cf5f562aabafd9c5fb
-
SHA1
297b3aac174cf4a4730725e817171ab329265c29
-
SHA256
f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea
-
SHA512
7db839a57e78c59324dfa38f31e10e17704cdd47d9dc228d52150153fe875e8ec2ac745bcc8ea62c080e3e94007fe025212c1325aaabb41f7200eda724c0dc50
Static task
static1
Behavioral task
behavioral1
Sample
f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea.exe
Resource
win7-20220310-en
Malware Config
Extracted
Family
gozi_ifsb
-
Botnet
7622
-
C2
botanlink.top
linkspremium.ru
premiumlists.ru
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea
-
Size
274KB
-
MD5
4fe6296c8b2154cf5f562aabafd9c5fb
-
SHA1
297b3aac174cf4a4730725e817171ab329265c29
-
SHA256
f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea
-
SHA512
7db839a57e78c59324dfa38f31e10e17704cdd47d9dc228d52150153fe875e8ec2ac745bcc8ea62c080e3e94007fe025212c1325aaabb41f7200eda724c0dc50
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-