General
-
Target
c71536fb2ef120ab76917999116fa23140d0bc7c7ba1297f8b4357e32b8c8a2d
-
Size
162KB
-
Sample
220326-vzksjabgej
-
MD5
b7138eb1572c14495e09520b7b4880a5
-
SHA1
29b4d418648ee1dce2e0137e807122030a9b601a
-
SHA256
c71536fb2ef120ab76917999116fa23140d0bc7c7ba1297f8b4357e32b8c8a2d
-
SHA512
538ce7c50d0c980f632a2d9f8ec7788103ef9e87374a1bf300480816407cbea29ac800eb425f4c37d8967c325360fb2345fd6b3c403179202838ffd722adecde
Static task
static1
Behavioral task
behavioral1
Sample
c71536fb2ef120ab76917999116fa23140d0bc7c7ba1297f8b4357e32b8c8a2d.dll
Resource
win7-20220311-en
Malware Config
Extracted
gozi_ifsb
1100
api10.laptok.at/api1
-
build
250157
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
730
Targets
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-