General
-
Target
7670346120.zip
-
Size
132KB
-
Sample
220629-ymrxvsecc3
-
MD5
e3e95f2558b7e156a39cc27984485ecc
-
SHA1
76c7c01b538e6c8fb8804d1fae1da7ee6d7172a4
-
SHA256
f65d89d469a51ea178d198fc3fd9123c63937daa6129d35f872769a85aa479e9
-
SHA512
2cdaba5e071c1ce6139f85472414802f765a5915737fe2f8454bb6d3f1762ecde783f2d3a018c33ee9f99a02afeda52910b9e7806d25a676cbfcc2fac3b4bad8
Static task
static1
Behavioral task
behavioral1
Sample
64d2a023b1208a01375af17e3b02ff7eebae76d3a35ece915c52e5d7a021edc9.dll
Resource
win7-20220414-en
Malware Config
Extracted
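Family
gozi_ifsb
-
Botnet
3000
-
C2
config.edge.skype.com
194.76.225.112
194.76.225.113
46.21.153.203
Note: config.edge.skype.com is a legitimate Microsoft hostname that appears in the extracted list; traffic to it is not by itself an indicator of infection, so pair it with the other indicators listed here rather than alerting on it alone.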
-
base_path
/drew/
-
build
250239
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
64d2a023b1208a01375af17e3b02ff7eebae76d3a35ece915c52e5d7a021edc9
-
Size
226KB
-
MD5
e84631873c87ac0af8a0a0802afaafb3
-
SHA1
d6a37d21ea7bf956a086c03ccbeeb84ffeb758a3
-
SHA256
64d2a023b1208a01375af17e3b02ff7eebae76d3a35ece915c52e5d7a021edc9
-
SHA512
3a7da6eab40d580946d7eb01d1bab1920d5eb04044d52fb48300ea9dfd9e057c367f4605065841bdac82b288696a7142b66a6059281118f42a5244be14c94793
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-