General
-
Target
20d97e9dcea7a657dba81cb6213a021bf9fd58da0af2424d3ae9c5f3389be7b9
-
Size
485KB
-
Sample
220612-mhc3csdch3
-
MD5
7757105d47952dfa5d21ea86deb0c110
-
SHA1
a82643d68e4aa65b26347b4cfc7494d3a4c4982f
-
SHA256
20d97e9dcea7a657dba81cb6213a021bf9fd58da0af2424d3ae9c5f3389be7b9
-
SHA512
bed9f1d8fb9290f18bcb70dce9222149abbbc481608644483313cc971150c5a506dc4503db60b4e8a49b07f18dc30e8a35912e5afc270820d93db0cfbbec2437
Static task
static1
Behavioral task
behavioral1
Sample
20d97e9dcea7a657dba81cb6213a021bf9fd58da0af2424d3ae9c5f3389be7b9.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
-
build
215165
Extracted
gozi_ifsb
3140
isatawatag.com
bosototsuy.com
atamekihok.com
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
20d97e9dcea7a657dba81cb6213a021bf9fd58da0af2424d3ae9c5f3389be7b9
-
Size
485KB
-
MD5
7757105d47952dfa5d21ea86deb0c110
-
SHA1
a82643d68e4aa65b26347b4cfc7494d3a4c4982f
-
SHA256
20d97e9dcea7a657dba81cb6213a021bf9fd58da0af2424d3ae9c5f3389be7b9
-
SHA512
bed9f1d8fb9290f18bcb70dce9222149abbbc481608644483313cc971150c5a506dc4503db60b4e8a49b07f18dc30e8a35912e5afc270820d93db0cfbbec2437
-