Analysis
- max time kernel: 31s
- max time network: 38s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 15/06/2022, 00:15
Static task
static1
Behavioral task
behavioral1
Sample
2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59.exe
Resource
win7-20220414-en
0 signatures
0 seconds
General
- Target: 2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59.exe
- Size: 344KB
- MD5: 6f93d14cf03f1b099d378cfa87e5d9ab
- SHA1: 00dfb5e64b1f5cfb1995562f91ad690ed19659b0
- SHA256: 2bfd88ce4c1cef403f78823d9b95d7ddc3c0eb1c82b56d961eccce026f5d5e59
- SHA512: cd6ea17bf7b038978771552905100d0fa51a899214b21c322ea5aa3550a0c7501cf0b792dea78b22ae94120c369cbf42e3003c2196acb923163288d46268c789
Malware Config
Extracted
Family
gozi_ifsb
Attributes
- build: 214062
Extracted
Family
gozi_ifsb
Botnet
3199
C2
wseo6lizzie.com
xcalebcleta.com
pyznvalerie.com
Attributes
- build: 214062
- dga_base_url: constitution.org/usdeclar.txt
- dga_crc: 0x4eb7d2ca
- dga_season: 10
- dga_tlds: com, ru, org
- exe_type: loader
- server_id: 12
rsa_pubkey.plain
serpent.plain