Analysis
max time kernel: 38s
max time network: 45s
platform: windows7_x64
resource: win7-20220414-en
submitted: 25-06-2022 05:27
Static task: static1
Behavioral task: behavioral1
Sample: a0d074e64d3271df78776c59a6b8ce1941f701a6207eb005dcde211444a2374f.exe
Resource: win7-20220414-en, windows7_x64
0 signatures
0 seconds
General
Target: a0d074e64d3271df78776c59a6b8ce1941f701a6207eb005dcde211444a2374f.exe
Size: 376KB
MD5: 4ff50fff180cf201bc99767db4c1fb69
SHA1: 407490bcf9ed067c98b7ee8845d8a93580610f65
SHA256: a0d074e64d3271df78776c59a6b8ce1941f701a6207eb005dcde211444a2374f
SHA512: dcb42f92b90abb9d47dc8a381b2b3d1b161361fbdfc05a0d9e08861c4a8bea5b0c1ec360b094022e8d4c3fff2367a65bd640512e5ffbadaa7ef5c3b8ea793b67
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 3195
C2: nsyblefgg.city, m25lni11528.com, dgrover.band
Attributes
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain
Signatures
Processes
Network
MITRE ATT&CK Matrix
Downloads
memory/916-54-0x0000000075711000-0x0000000075713000-memory.dmp (Filesize: 8KB)
memory/916-55-0x0000000000A30000-0x0000000000A3F000-memory.dmp (Filesize: 60KB)
memory/916-56-0x0000000000A30000-0x0000000000A9F000-memory.dmp (Filesize: 444KB)
memory/916-57-0x0000000000170000-0x000000000018B000-memory.dmp (Filesize: 108KB)