General
Target: 1dde14f14004d0953532c4c095e1aba0cbafacf1c9c4d0ef1a98f90a0145ab85
Size: 908KB
Sample: 220520-hk1h8ahefq
MD5: db425b3a2847a2f961705308e20062ba
SHA1: c45633e73b54ae0de2f4b825f9f2097a582f0ca8
SHA256: 1dde14f14004d0953532c4c095e1aba0cbafacf1c9c4d0ef1a98f90a0145ab85
SHA512: aa32fd04d3a242d1d3c0205cc0292aa501c442728352f44f655a18164d98c9f685c9237120641056e01276a1bfcb2a2702e59eafb2ec1fc948d71c9856a7a2c3

Behavioral task: behavioral1
Sample: 1dde14f14004d0953532c4c095e1aba0cbafacf1c9c4d0ef1a98f90a0145ab85.exe
Resource: win7-20220414-en

Malware Config

Extracted: gozi_rm3
build: 300854

Extracted: gozi_rm3
202004141
https://devicelease.xyz
build: 300854
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
url_path: index.htm