General
-
Target
40cf9a6c58b28b35ac94bd519b291bee247bbd91fff57fc9a2aa40913fadc776
-
Size
311KB
-
Sample
220326-c35yrscbfr
-
MD5
c6b874efba7800ea74c1c13d0985c9d0
-
SHA1
c43c0a58778647708fde852ec4d0ffb7fb3b3708
-
SHA256
40cf9a6c58b28b35ac94bd519b291bee247bbd91fff57fc9a2aa40913fadc776
-
SHA512
26a918a36b6e2c4a7c283cd642bddb1858659cdddd86d0809d6fbc8bb70bd6ec06308abda4b0bbbbd2871c85b612db7ccaf15d98d36308a379f116ed5d26c8cb
Static task
static1
Behavioral task
behavioral1
Sample
40cf9a6c58b28b35ac94bd519b291bee247bbd91fff57fc9a2aa40913fadc776.exe
Resource
win7-20220311-en
Malware Config
Extracted
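Family
gozi_ifsb
Botnet
1001
C2
shop.microsoft.com
loadshemsplot.xyz
(shop.microsoft.com is a legitimate Microsoft host; Gozi configurations often list such domains next to the operator's own servers, so it is a poor indicator on its own. For detection, match on loadshemsplot.xyz and the file hashes instead.)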
-
build
250162
-
dga_season
10
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
40cf9a6c58b28b35ac94bd519b291bee247bbd91fff57fc9a2aa40913fadc776
-
Size
311KB
-
MD5
c6b874efba7800ea74c1c13d0985c9d0
-
SHA1
c43c0a58778647708fde852ec4d0ffb7fb3b3708
-
SHA256
40cf9a6c58b28b35ac94bd519b291bee247bbd91fff57fc9a2aa40913fadc776
-
SHA512
26a918a36b6e2c4a7c283cd642bddb1858659cdddd86d0809d6fbc8bb70bd6ec06308abda4b0bbbbd2871c85b612db7ccaf15d98d36308a379f116ed5d26c8cb
-
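suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
(Ursnif is another name for the Gozi/ISFB family, so this network signature is consistent with the gozi_ifsb config extracted from the sample.)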
-