General
-
Target
2a6922c62bed9ba9015a758e8ea2a3f4e5a11497197d99663c9d3ea71eda48fa
-
Size
908KB
-
Sample
220524-3pg8nabhe9
-
MD5
255f3e50af611470a3545595891c431d
-
SHA1
6076c099593a3ba39eab0728478a1361473e42a1
-
SHA256
2a6922c62bed9ba9015a758e8ea2a3f4e5a11497197d99663c9d3ea71eda48fa
-
SHA512
3a6b4872a37549b7e30e73d3d8e0e3a5525214f50ae9beb263fed1c38f184a6b86c3c88fd9be9872e614bd8d92d263e5bdfb63b5b4607f6a4645bb641fa5ce35
Behavioral task
behavioral1
Sample
2a6922c62bed9ba9015a758e8ea2a3f4e5a11497197d99663c9d3ea71eda48fa.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_rm3
-
build
300854
Extracted
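gozi_rm3 (malware family)
202004141 (label lost in this extract; likely the botnet/group ID)
https://devicelease.xyz (label lost in this extract; likely the configured C2 URL)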
-
build
300854
-
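dga_base_url
constitution.org/usdeclar.txt (a public third-party text file; Gozi-family DGAs typically use such a document as the word source for generated domains, so treat it as a configuration artifact rather than attacker-controlled infrastructure)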
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
-
url_path
index.htm
Targets
-
-
Target
2a6922c62bed9ba9015a758e8ea2a3f4e5a11497197d99663c9d3ea71eda48fa
-
Size
908KB
-
MD5
255f3e50af611470a3545595891c431d
-
SHA1
6076c099593a3ba39eab0728478a1361473e42a1
-
SHA256
2a6922c62bed9ba9015a758e8ea2a3f4e5a11497197d99663c9d3ea71eda48fa
-
SHA512
3a6b4872a37549b7e30e73d3d8e0e3a5525214f50ae9beb263fed1c38f184a6b86c3c88fd9be9872e614bd8d92d263e5bdfb63b5b4607f6a4645bb641fa5ce35
-