General
Target: f68d6df9685d0179504003af7a93bd000aae8639a00a9f7b35ffc310a4c3caf3
Size: 909KB
Sample: 220520-hjbtgaeea3
MD5: a3f92d275cc3006d913c89c2d1ae2bc8
SHA1: c2987a788b00329a8dcd9bb48dc9df73cc029b43
SHA256: f68d6df9685d0179504003af7a93bd000aae8639a00a9f7b35ffc310a4c3caf3
SHA512: 4ce9243547f0b4ecd9606593a67ff0f03bbc21d49f32d26e39f07c1145f0c4bfe37c2dc7281c51a90adb342f00a9433574eba2f12c6662ec7cd3291ea64d5f88
Behavioral task
behavioral1
Sample: f68d6df9685d0179504003af7a93bd000aae8639a00a9f7b35ffc310a4c3caf3.exe
Resource: win7-20220414-en
Malware Config
Extracted
gozi_rm3
build: 300854

Extracted
gozi_rm3
202004141
https://devicelease.xyz
build: 300854
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
url_path: index.htm