Analysis
-
max time kernel
66s -
max time network
72s -
platform
windows10-2004_x64 -
resource
win10v2004-20220414-en -
submitted
14/06/2022, 19:20
Static task
static1
Behavioral task
behavioral1
Sample
2d78306c54359d0c0709d5cfe04f039ebce57fcf2f2e501358265da98fe3a3c2.exe
Resource
win7-20220414-en
0 signatures
0 seconds
General
-
Target
2d78306c54359d0c0709d5cfe04f039ebce57fcf2f2e501358265da98fe3a3c2.exe
-
Size
203KB
-
MD5
5aa0e7ecb30d050b9fa2cd4871c133fe
-
SHA1
27a63fdb94dede68a173a20cb2971597af22ba64
-
SHA256
2d78306c54359d0c0709d5cfe04f039ebce57fcf2f2e501358265da98fe3a3c2
-
SHA512
72889d227950a307713a49cd1837635a56518b0798c7eea86f5b9de983985cb81761ac2a3e8383e2984d8a6a7574b39e730b3b4e700f72f52854a3490b010e8e
Malware Config
Extracted
Family
gozi_ifsb
Attributes
-
build
215165
Extracted
Family
gozi_ifsb
Botnet
3162
C2
menehleibe.com
liemuteste.com
thulligend.com
Attributes
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
rsa_pubkey.plain
serpent.plain