Analysis
max time kernel: 64s
max time network: 89s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 25-06-2022 06:03
Static task: static1
Behavioral task: behavioral1
Sample: f72ceb5d76a58e94bfbaf025f04a51e75459592d727ab97041ef01af2ba96fa9.exe
Resource: win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: f72ceb5d76a58e94bfbaf025f04a51e75459592d727ab97041ef01af2ba96fa9.exe
Size: 459KB
MD5: beb0c30909a688c004e08a0adaacd971
SHA1: f40b8b29d8ed2898dd55a1dbfb11290cdf0465a1
SHA256: f72ceb5d76a58e94bfbaf025f04a51e75459592d727ab97041ef01af2ba96fa9
SHA512: 3fd0e22735a80acfdb2e58fbe19bb208ec32355c8bfb9c5081db788a438ee96a80772dc9d43387fb2ecaf43ea43a04455b55fe37aa0dccb45d77707b07f5a020
Malware Config
Extracted
Family: gozi_ifsb
Attributes
  build: 214085
Extracted
Family: gozi_ifsb
Botnet: 3428
C2
  google.com
  gmail.com
  ztoy.top
  qmiller.club
  vipresleynz.com
Attributes
  build: 214085
  dga_base_url: constitution.org/usdeclar.txt
  dga_crc: 0x4eb7d2ca
  dga_season: 10
  dga_tlds: com, ru, org
  exe_type: loader
  server_id: 12
rsa_pubkey.plain
serpent.plain