General
Target: 3689ed1f1346dfeb3e72648b4e642943d23c7c85a4df607c81bc7959c6afa435
Size: 459KB
Sample: 220626-cnvt9afbd9
MD5: 791601342c73022bdc040fb86840e40e
SHA1: 0c57279c461c4ae7ff39de7ed4f3f4e50df3f047
SHA256: 3689ed1f1346dfeb3e72648b4e642943d23c7c85a4df607c81bc7959c6afa435
SHA512: 38cf33a61639f54d06f95da242d356699d66a2aca3755c6a4495c13d54756accbfa845c1e96b52bf395ebf9b0c99fb8168de6fe54e3fdfa37dc6658215d0356c
Static task: static1
Behavioral task: behavioral1
Sample: 3689ed1f1346dfeb3e72648b4e642943d23c7c85a4df607c81bc7959c6afa435.exe
Resource: win7-20220414-en
Malware Config
Extracted
gozi_ifsb
3428
google.com
gmail.com
ztoy.top
qmiller.club
vipresleynz.com
build: 214085
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12