General
Target: 9e5b322be0266d45d99f290d1d86c8a11aa805cd09d5ded9e25f89fc58849997
Size: 908KB
Sample: 220521-a4yjzaecek
MD5: 4f9dbd94ac6de4fe4d9c21c01809f18a
SHA1: 20354026c7e41a1424dba51312f0a3b7aeef587e
SHA256: 9e5b322be0266d45d99f290d1d86c8a11aa805cd09d5ded9e25f89fc58849997
SHA512: 21b8aa3171c312e6cf1aef1d87f9c6b56050cac5742c529cc21514432ddecf06b20ece47cf9fa4c56cab2963924bd176cc9bc7d0c18c3beb51986454121d5447
Behavioral task
behavioral1
Sample: 9e5b322be0266d45d99f290d1d86c8a11aa805cd09d5ded9e25f89fc58849997.exe
Resource: win7-20220414-en
Malware Config
Extracted
gozi_rm3
build: 300854
Extracted
gozi_rm3
202004141
https://devicelease.xyz
build: 300854
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
url_path: index.htm