General
Target: 116b8f1d97f683b0e4b5694a26916ede2178a70183877f2c81f92685aa219084
Size: 264KB
Sample: 220604-e3h54sacf4
MD5: af8c49ddefa6e66c817fd2e688cba1d0
SHA1: 84462381084fc16b11048b02c9d962fe613890bf
SHA256: 116b8f1d97f683b0e4b5694a26916ede2178a70183877f2c81f92685aa219084
SHA512: b5dca64d29f9f4b880a9094a1d490fa53d4baa150419be64c72c7963961b2cf08311dc47962d17c3b4c6f325eaaed449880c183a7c19e283c897b171d0df8ec4
Static task: static1
Behavioral task: behavioral1
Sample: 116b8f1d97f683b0e4b5694a26916ede2178a70183877f2c81f92685aa219084.exe
Resource: win7-20220414-en
Malware Config
Extracted
gozi_ifsb
2000
has.votaritar.at/webstore
build: 217099
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
dns_servers: 8.8.8.8, 195.10.195.195, 8.8.4.4, 95.216.174.175, 193.30.123.44, 94.247.43.254
exe_type: loader
server_id: 550
Targets
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.