General
-
Target
1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
-
Size
221KB
-
Sample
220608-sralgsdcbj
-
MD5
616cbb4e11a548edd591c2616e6f013f
-
SHA1
f44f8aff3f97f40f245e66cb3567b86d4a54233b
-
SHA256
1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
-
SHA512
b8d4be20f1966d95647c7e210c3f980f1672625df24f097e9b139071ed42ec6ac02dc1f33ac96f0b65d159821a5353b839d2d9522c6f85b2aa51b655adb0256f
Static task
static1
Behavioral task
behavioral1
Sample
1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
2000
x1.narutik.at/webstore
cdn5.narutik.at/webstore
cd.pranahat.at/webstore
-
build
217083
-
dga_base_url
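constitution.org/usdeclar.txt (a public text document on a third-party site, listed here as the DGA's base input rather than as a C2 host; treat requests to it as a hunting signal in context, not as a blocklist entry)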
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
172.104.136.243
8.8.8.8 (Google Public DNS, a legitimate public resolver; not a usable indicator on its own)
176.126.70.119
51.15.98.97
193.183.98.66
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
-
Size
221KB
-
MD5
616cbb4e11a548edd591c2616e6f013f
-
SHA1
f44f8aff3f97f40f245e66cb3567b86d4a54233b
-
SHA256
1903054965db85227c9324e88928a00e36890de4e0dec8961abf68520b48e3f3
-
SHA512
b8d4be20f1966d95647c7e210c3f980f1672625df24f097e9b139071ed42ec6ac02dc1f33ac96f0b65d159821a5353b839d2d9522c6f85b2aa51b655adb0256f
-