General
Target: cadb1eee7384345e0b027f1fdac079cc34f23cf48052a7c858a0cb6644b636ae
Size: 250KB
Sample: 220524-r7hflaafel
MD5: 59b7e63f87329d52cf74e10f148cde0b
SHA1: be354ec7ab8b33061a2fa8f0b8d84274376dd22d
SHA256: cadb1eee7384345e0b027f1fdac079cc34f23cf48052a7c858a0cb6644b636ae
SHA512: 7e8d976177965048fb39e09f7bec7ba75ca3c7f6559d62e59d1f28ee36683be010c53b59d5e9183f663dc03f43748c0dbc78121a24e60abd12aaecb4b4f473b7

Behavioral task
behavioral1
Sample: cadb1eee7384345e0b027f1fdac079cc34f23cf48052a7c858a0cb6644b636ae.exe
Resource: win7-20220414-en

Malware Config
Extracted
gozi_rm3
build: 300904
Extracted
gozi_rm3
90420251
https://vvietnamnews.xyz
build: 300904
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
non_target_locale: RU
server_id: 12
url_path: index.htm