General
-
Target
292b2a9b168a978a1f9a1ba12606c9ce48f3a54806ce49093c33eb797d2bf5f5
-
Size
243KB
-
Sample
220615-smy4aacfdn
-
MD5
6f3d74a03549d03a72721df822621451
-
SHA1
abc049128a11974fe1d9305b4fc8f25ff330bf38
-
SHA256
292b2a9b168a978a1f9a1ba12606c9ce48f3a54806ce49093c33eb797d2bf5f5
-
SHA512
1bed4e0edea9a2ce3a27921f9f8353e8a3ecd7c38b0141539d09d283259d757387ff955f2253a294aaafa04d20b281a5acc9a532f03a2fe19295093a857261f3
Static task
static1
Behavioral task
behavioral1
Sample
292b2a9b168a978a1f9a1ba12606c9ce48f3a54806ce49093c33eb797d2bf5f5.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
-
build
214098
Extracted
gozi_ifsb
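3515 (field label lost in this extract; presumably the botnet/group ID of the config — confirm against the original report)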
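google.com (legitimate domain present in the extracted config; presumably a connectivity check or decoy entry rather than attacker infrastructure, so it should not be used as a blocking indicator)
gmail.com (legitimate domain; same caveat as google.com)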
v61nkkybd.com
dee12yadira43.com
ffhyyo51y.com
-
build
214098
-
dga_base_url
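constitution.org/usdeclar.txt (a public text file on a legitimate site; as the dga_base_url it appears to be the input the domain-generation algorithm reads, not a C2 endpoint — a fetch of this URL is a hunting lead only in combination with the other indicators)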
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
292b2a9b168a978a1f9a1ba12606c9ce48f3a54806ce49093c33eb797d2bf5f5
-
Size
243KB
-
MD5
6f3d74a03549d03a72721df822621451
-
SHA1
abc049128a11974fe1d9305b4fc8f25ff330bf38
-
SHA256
292b2a9b168a978a1f9a1ba12606c9ce48f3a54806ce49093c33eb797d2bf5f5
-
SHA512
1bed4e0edea9a2ce3a27921f9f8353e8a3ecd7c38b0141539d09d283259d757387ff955f2253a294aaafa04d20b281a5acc9a532f03a2fe19295093a857261f3
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-