Analysis
max time kernel
52s
max time network
57s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
19-06-2022 18:50
Static task
static1
Behavioral task
behavioral1
Sample
351cb11ceac033294120769634d138051668aa6b0277f87a66b5c9b77335722d.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target
351cb11ceac033294120769634d138051668aa6b0277f87a66b5c9b77335722d.exe
Size
372KB
MD5
95c105e341a2085c00fad1ef61c6d586
SHA1
43ee1ef1b5220156fdb7eccc2fb9caf708f46ae8
SHA256
351cb11ceac033294120769634d138051668aa6b0277f87a66b5c9b77335722d
SHA512
9c4758c56820eac068c4f43f4f11bd4cbe3e9aba85ebe2214146587953d8591e7267b889c823718145e32b89f6fe4da617352309326be43b4be0165c2a1e2ef5
Malware Config
Extracted
Family
gozi_ifsb
Attributes
build
214062
Extracted
Family
gozi_ifsb
Botnet
3181
C2
bm25yp.com
xiivhaaou.email
m264591jasen.city
Attributes
build
214062
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com
ru
org
exe_type
loader
server_id
12
rsa_pubkey.plain
serpent.plain