Analysis
max time kernel: 52s
max time network: 88s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 08-06-2022 06:02
Static task: static1
Behavioral task: behavioral1
Sample: 1998310d5d0fb04071fec2a84dda958aa430df7efb968d5eb0e77688d777abe8.exe
Resource: win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 1998310d5d0fb04071fec2a84dda958aa430df7efb968d5eb0e77688d777abe8.exe
Size: 372KB
MD5: 4895762439c200168bce7f1ec0257a36
SHA1: 7f30b090ec1508a86e49c68281616567498fa0c6
SHA256: 1998310d5d0fb04071fec2a84dda958aa430df7efb968d5eb0e77688d777abe8
SHA512: 6dcc4fdcd10fa5fbf619049350de56948526a3f0535c62c369143d3f1faee3ce67fa973d913aa840ed1e9d3772b07880a97d806b18488cb783d1bc430695deba
Malware Config
Extracted
Family: gozi_ifsb
Attributes
  build: 214062
Extracted
Family: gozi_ifsb
Botnet: 3181
C2
  bm25yp.com
  xiivhaaou.email
  m264591jasen.city
Attributes
  build: 214062
  dga_base_url: constitution.org/usdeclar.txt
  dga_crc: 0x4eb7d2ca
  dga_season: 10
  dga_tlds: com, ru, org
  exe_type: loader
  server_id: 12
rsa_pubkey.plain
serpent.plain