Analysis
max time kernel: 146s
max time network: 50s
platform: windows7_x64
resource: win7-20220414-en
submitted: 12/06/2022, 21:06

Static task: static1
Behavioral task: behavioral1
Sample: 1e71d36681cdac7f4b65e93bb7506a5db337d58d34639dd5b3ad30459cdbd366.exe
Resource: win7-20220414-en
0 signatures
0 seconds

General
Target: 1e71d36681cdac7f4b65e93bb7506a5db337d58d34639dd5b3ad30459cdbd366.exe
Size: 485KB
MD5: 0b1bdab915aaf05735959aeae151d585
SHA1: 8142ee635539731fb7c1172cc83ec8e9c6d160eb
SHA256: 1e71d36681cdac7f4b65e93bb7506a5db337d58d34639dd5b3ad30459cdbd366
SHA512: 93bc78b841445be4d557353fbfaf694a78cfb7fdd3d1ebdb5d718dd67724b0ec10758a416211413e14b08b40bff51b3757b97de217d6a2a9db664c83f83038cb

Malware Config

Extracted
Family: gozi_ifsb
Attributes:
  build: 215165

Extracted
Family: gozi_ifsb
Botnet: 3140
C2:
  isatawatag.com
  bosototsuy.com
  atamekihok.com
Attributes:
  build: 215165
  dga_base_url: constitution.org/usdeclar.txt
  dga_crc: 0x4eb7d2ca
  dga_season: 10
  dga_tlds: com, ru, org
  exe_type: loader
  server_id: 12
rsa_pubkey.plain
serpent.plain