Analysis
max time kernel: 4294186s
max time network: 139s
platform: windows7_x64
resource: win7-20220310-en
submitted: 21/03/2022, 08:15
Static task: static1
Behavioral task: behavioral1
Sample: f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea.exe
Resource: win7-20220310-en
0 signatures
0 seconds
General
Target: f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea.exe
Size: 274KB
MD5: 4fe6296c8b2154cf5f562aabafd9c5fb
SHA1: 297b3aac174cf4a4730725e817171ab329265c29
SHA256: f1d890163f681d1c94337e6459b9c233180ebe755e94095315f7acf0171e1eea
SHA512: 7db839a57e78c59324dfa38f31e10e17704cdd47d9dc228d52150153fe875e8ec2ac745bcc8ea62c080e3e94007fe025212c1325aaabb41f7200eda724c0dc50
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 7622
C2: botanlink.top, linkspremium.ru, premiumlists.ru
Attributes
base_path: /drew/
build: 250225
exe_type: loader
extension: .jlk
server_id: 50
rsa_pubkey.plain
aes.plain