General
Target: cfc28c18307134fd44181c705df55653e24114fe5c58788c18f50613ae08da01
Size: 647KB
Sample: 220623-gktj8sefd8
MD5: 0db1f05c21f621b8ff4ec4b958d62000
SHA1: 9e03ea20ab36ebd07e887d5d5a8467d266908b31
SHA256: cfc28c18307134fd44181c705df55653e24114fe5c58788c18f50613ae08da01
SHA512: dd7107d9f4e313f85083e7f9710e38022873c22642f8a1a04f35f08285852aef2b2c271168f8af0fd8c62c179e3af7ab7a3d1b51a3441bd072544a0ff3ef07ac
Static task
static1
Malware Config
Extracted
gozi_ifsb
20000
apghn.msn.com
188.126.76.221
base_path: /budweiser/
build: 250235
exe_type: loader
extension: .bbu
server_id: 50
Targets
Target: cfc28c18307134fd44181c705df55653e24114fe5c58788c18f50613ae08da01
Suspicious use of SetThreadContext