Analysis
max time kernel: 25s
platform: windows7_x64
resource: win7-20220414-en
submitted: 12/06/2022, 21:56
Static task: static1
Behavioral task: behavioral1
Sample: 1e2cb065f3230d79b7cf2dd4ba07c9db5024b13c803728d294afe6dc01f17e5d.exe
Resource: win7-20220414-en
0 signatures
0 seconds
General
Target: 1e2cb065f3230d79b7cf2dd4ba07c9db5024b13c803728d294afe6dc01f17e5d.exe
Size: 648KB
MD5: a114fb4023f79ac00a1c0292ede78490
SHA1: fbe5421bed325b7f9c5d53723c0a1e8e5de63492
SHA256: 1e2cb065f3230d79b7cf2dd4ba07c9db5024b13c803728d294afe6dc01f17e5d
SHA512: 5b194db9a94fc0bf28bc919be327afff91cd74268b6966384524bff209321c6b8ed3a38e4070b944b97fb8e8112b2ff144cb7f3a403ad5ee698ce2216ffc5b0f
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 214062
Extracted
Family: gozi_ifsb
Botnet: 3189
C2:
hfmjerrodo.com
w19jackyivah.com
l15uniquekylie.city
Attributes
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain