Analysis
max time kernel: 70s
max time network: 46s
platform: windows7_x64
resource: win7-20220414-en
submitted: 04-06-2022 11:25
Static task: static1
Behavioral task: behavioral1
Sample: 10bb327826096da6dc25892df7158eaa359ca40fecc45eb147524b87ad506a11.exe
Resource: win7-20220414-en, windows7_x64
0 signatures
0 seconds
General
Target: 10bb327826096da6dc25892df7158eaa359ca40fecc45eb147524b87ad506a11.exe
Size: 239KB
MD5: 9d6dc9c936594390a965943da28e5bf4
SHA1: d6cdaa9b652de90f353ab63bb39de74024007e63
SHA256: 10bb327826096da6dc25892df7158eaa359ca40fecc45eb147524b87ad506a11
SHA512: 0ea6eacd5358b4fcb78d391b23ca0f5f16123c63b68011287ba09e2721a83d5670570b6a05f10bc44bddf9c5791d5ad8869a213d3eb03a4f0935f073aee30868
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 214085
Extracted
Family: gozi_ifsb
Botnet: 3474
C2:
google.com
gmail.com
q982yeq23.xyz
t7763jykqeiy.com
hjruu.com
Attributes
build: 214085
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain
Downloads
memory/1784-54-0x00000000755A1000-0x00000000755A3000-memory.dmp (Filesize: 8KB)
memory/1784-55-0x0000000000A20000-0x0000000000A2E000-memory.dmp (Filesize: 56KB)
memory/1784-56-0x0000000000A20000-0x0000000000B26000-memory.dmp (Filesize: 1.0MB)
memory/1784-57-0x0000000000080000-0x000000000008F000-memory.dmp (Filesize: 60KB)