General
-
Target
6670a4aa9a83b6746c5e1d4fea4c985d16a64e2578c7e67d6aaffe55dea9f812
-
Size
908KB
-
Sample
220520-hkdpfshedr
-
MD5
0e6b26486a0b3eeb43299eb800956b04
-
SHA1
b521a3d31a8776d4abf539755988c773bbda0850
-
SHA256
6670a4aa9a83b6746c5e1d4fea4c985d16a64e2578c7e67d6aaffe55dea9f812
-
SHA512
e6efe0b32af0944f9bb672891f82b698a1a2a4c9216f308fffff64283925293189dbfb0533276007f33799c64f0188db9334fd9d38f54f2b40bb9ffd89bb6c3e
Behavioral task
behavioral1
Sample
6670a4aa9a83b6746c5e1d4fea4c985d16a64e2578c7e67d6aaffe55dea9f812.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_rm3
-
build
300854
Extracted
gozi_rm3
202004141
https://devicelease.xyz
-
build
300854
-
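dga_base_url
constitution.org/usdeclar.txt
(Note: as the field name indicates, this is the text the domain-generation algorithm is seeded from, not a command-and-control address. It is a legitimate public document, so a request for it is a weak indicator on its own; correlate it with the extracted server URL and with lookups of generated domains under the listed dga_tlds.)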
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
-
url_path
index.htm
Targets
-
-
Target
6670a4aa9a83b6746c5e1d4fea4c985d16a64e2578c7e67d6aaffe55dea9f812
-
Size
908KB
-
MD5
0e6b26486a0b3eeb43299eb800956b04
-
SHA1
b521a3d31a8776d4abf539755988c773bbda0850
-
SHA256
6670a4aa9a83b6746c5e1d4fea4c985d16a64e2578c7e67d6aaffe55dea9f812
-
SHA512
e6efe0b32af0944f9bb672891f82b698a1a2a4c9216f308fffff64283925293189dbfb0533276007f33799c64f0188db9334fd9d38f54f2b40bb9ffd89bb6c3e
-