General
-
Target
2cba9e142f667e16afacf89db19f91f42d5594d18934f5d86bfaed9e64bc5cb9
-
Size
3.7MB
-
Sample
220614-1qzszsefbr
-
MD5
b0fdccbc6f384b9e4155b6f4a0a25988
-
SHA1
dba7dcfa2400c1256298c1abc12d79723aa96963
-
SHA256
2cba9e142f667e16afacf89db19f91f42d5594d18934f5d86bfaed9e64bc5cb9
-
SHA512
777f35afb7432b7c9ab1af6a8a88d06f7d08dd90d025987960e59d6c421f0991e7a55eddc2e9746ff708a72f9930f300ff99156485ebfe95d2fee314b9171e2d
Static task
static1
Behavioral task
behavioral1
Sample
2cba9e142f667e16afacf89db19f91f42d5594d18934f5d86bfaed9e64bc5cb9.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
-
build
214098
Extracted
gozi_ifsb
3523
fortinet.com
symantec.com
z39bldfq.com
r79xhiram81ue.com
mlqlqewh.com
-
build
214098
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
2cba9e142f667e16afacf89db19f91f42d5594d18934f5d86bfaed9e64bc5cb9
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-