Analysis
max time kernel: 66s
max time network: 72s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 12-06-2022 04:49
Static task
static1
Behavioral task
behavioral1
Sample
228e3c427c6d2d81cc57bfdc8bc46786148f0f28e68b5af6477f87e9f520c17a.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 228e3c427c6d2d81cc57bfdc8bc46786148f0f28e68b5af6477f87e9f520c17a.exe
Size: 338KB
MD5: 16e26b1aa6dbe208561309c52a48e698
SHA1: 43a315e0e5505f5df7803eb5ce53393288f4e8b2
SHA256: 228e3c427c6d2d81cc57bfdc8bc46786148f0f28e68b5af6477f87e9f520c17a
SHA512: aafdb806270ca898c9455a8715fb853eab15578bdb685fa597a4566499257bc59e443065df62746cea885fef474e4bcf343e6aa502669eedf62cfed11658c073
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 214062
Extracted
Family: gozi_ifsb
Botnet: 3191
C2:
grtyrrodfto.com
wenyjactvvfat.com
egwnwetgwoiiie.city
Attributes
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds:
com
ru
org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain