General
-
Target
daa79a2f04b7825fcc77b66976dbc9374f796e4107862b17a8f2d8de1a629cd2
-
Size
908KB
-
Sample
220520-hjjjbaeea9
-
MD5
3dac76dba1f71a797b720475c8d472a5
-
SHA1
e16b8c76315c7060d003a8af804710319b6b3746
-
SHA256
daa79a2f04b7825fcc77b66976dbc9374f796e4107862b17a8f2d8de1a629cd2
-
SHA512
701a1809f446b380fb8f3bc64ed3179d5cbc51b973630f4c75be823a029e0bba9d3f37af3f8d538e6b25745b89e4548a25bc7cef3b5dfd8e11f5e3020c1f5fb0
Behavioral task
behavioral1
Sample
daa79a2f04b7825fcc77b66976dbc9374f796e4107862b17a8f2d8de1a629cd2.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_rm3
-
build
300854
Extracted
gozi_rm3
202004141
https://devicelease.xyz
-
build
300854
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
-
url_path
index.htm
Targets
-
-
Target
daa79a2f04b7825fcc77b66976dbc9374f796e4107862b17a8f2d8de1a629cd2
-
Size
908KB
-
MD5
3dac76dba1f71a797b720475c8d472a5
-
SHA1
e16b8c76315c7060d003a8af804710319b6b3746
-
SHA256
daa79a2f04b7825fcc77b66976dbc9374f796e4107862b17a8f2d8de1a629cd2
-
SHA512
701a1809f446b380fb8f3bc64ed3179d5cbc51b973630f4c75be823a029e0bba9d3f37af3f8d538e6b25745b89e4548a25bc7cef3b5dfd8e11f5e3020c1f5fb0
-