Analysis
max time kernel: 49s
max time network: 50s
platform: windows7_x64
resource: win7-20220414-en
submitted: 15-06-2022 07:06
Static task: static1
Behavioral task: behavioral1
Sample: 2a0774adc7d46c12f038861af93cf423382f90385c87868f181a279209258332.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 2a0774adc7d46c12f038861af93cf423382f90385c87868f181a279209258332.exe
Size: 459KB
MD5: df884cff9885319181dc78d0919b847a
SHA1: 7451a992c0541c0db90b47edf26039314dc507f6
SHA256: 2a0774adc7d46c12f038861af93cf423382f90385c87868f181a279209258332
SHA512: 3242fa2bd2703e51dd8c3dc0f3eb5977fb3d41e1143b54a55a905750d58ba6c5f0c54695474780f07d2d1d48b868425ed9b79f42e5ba078ee96085fcc5b90c37
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 214085
Extracted
Family: gozi_ifsb
Botnet: 3428
C2: google.com, gmail.com, ztoy.top, qmiller.club, vipresleynz.com
Attributes
build: 214085
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain