General
-
Target
06925a0af22c81bd2f8ea0303f45b228f6d831f929f7c8a66a2927fe43463335
-
Size
908KB
-
Sample
220525-a2xvnadec4
-
MD5
47254e03203c7d6f8f6d8915bf49ecf9
-
SHA1
8a12369d39d42759cf3da737333b7863826f287f
-
SHA256
06925a0af22c81bd2f8ea0303f45b228f6d831f929f7c8a66a2927fe43463335
-
SHA512
2629f7a0eaf2075797608a9d8a2e3f67deef7fd241455b3c9b79ce53900a1cef101f7365691085b5a3bde08d82427925397cb0964b53d3e7997042b819576e06
Behavioral task
behavioral1
Sample
06925a0af22c81bd2f8ea0303f45b228f6d831f929f7c8a66a2927fe43463335.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_rm3
-
build
300854
Extracted
gozi_rm3
202004141
https://devicelease.xyz
-
build
300854
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
-
url_path
index.htm
Targets
-
-
Target
06925a0af22c81bd2f8ea0303f45b228f6d831f929f7c8a66a2927fe43463335
-
Size
908KB
-
MD5
47254e03203c7d6f8f6d8915bf49ecf9
-
SHA1
8a12369d39d42759cf3da737333b7863826f287f
-
SHA256
06925a0af22c81bd2f8ea0303f45b228f6d831f929f7c8a66a2927fe43463335
-
SHA512
2629f7a0eaf2075797608a9d8a2e3f67deef7fd241455b3c9b79ce53900a1cef101f7365691085b5a3bde08d82427925397cb0964b53d3e7997042b819576e06
-