General
-
Target
11c554a1ed8952b63677542071f87a7349d0d508371e61236c82b3de62ce8845
-
Size
308KB
-
Sample
220604-agla5aafd8
-
MD5
434e2060c3650402e75bfce4b8f6034e
-
SHA1
0afdf4a1eabd95380e045111fb4f76f170e38ee4
-
SHA256
11c554a1ed8952b63677542071f87a7349d0d508371e61236c82b3de62ce8845
-
SHA512
e755ddbb3bd122fc96a6e7dd8e89d58cfceb57922bb8affff4ad7cb834b776b6e9e0cad5be7f6157231b13833f094fe7b1dfa2f1cc79d141d323b97a86e4e979
Static task
static1
Behavioral task
behavioral1
Sample
11c554a1ed8952b63677542071f87a7349d0d508371e61236c82b3de62ce8845.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
1010
-
exe_type
worker
-
server_id
35
Targets
-
-
Suspicious use of SetThreadContext
-