General
-
Target
98753a44c6af450af79d8c1cd0052ff39368b7faa8da99f641c0e7f705639885
-
Size
120KB
-
Sample
220625-fyqvtsfefj
-
MD5
de012f1bf4153cca1c0eff3fa2349a77
-
SHA1
1781951410803a443e6a97894b6fcb629b1d65ce
-
SHA256
98753a44c6af450af79d8c1cd0052ff39368b7faa8da99f641c0e7f705639885
-
SHA512
6de70576b698c1a977cde75e4e2fff3cbe5412fd599c4190b36c6ddf228c297bfae93721c50b329fd503848b3813df9f51c15099b893b5acb253c461e0f7a494
Static task
static1
Behavioral task
behavioral1
Sample
98753a44c6af450af79d8c1cd0052ff39368b7faa8da99f641c0e7f705639885.exe
Resource
win7-20220414-en
Malware Config
Extracted
Family: gozi_ifsb
Botnet: 2000
C2:
foo.fulldin.at/webstore
bat.fulldin.at/webstore
-
build
217114
-
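dga_base_url
constitution.org/usdeclar.txt (a public third-party text file, presumably the word source for the domain generation algorithm rather than a C2 host; a request to it is only a weak signal on its own)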
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
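dns_servers (resolvers listed in the extracted config; 8.8.8.8 and 8.8.4.4 are Google Public DNS, so treat these addresses as context rather than as standalone indicators)
8.8.8.8
195.10.195.195
8.8.4.4
95.216.174.175
193.30.123.44
94.247.43.254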
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
98753a44c6af450af79d8c1cd0052ff39368b7faa8da99f641c0e7f705639885
-
Size
120KB
-
MD5
de012f1bf4153cca1c0eff3fa2349a77
-
SHA1
1781951410803a443e6a97894b6fcb629b1d65ce
-
SHA256
98753a44c6af450af79d8c1cd0052ff39368b7faa8da99f641c0e7f705639885
-
SHA512
6de70576b698c1a977cde75e4e2fff3cbe5412fd599c4190b36c6ddf228c297bfae93721c50b329fd503848b3813df9f51c15099b893b5acb253c461e0f7a494
-