General
Target: 5343f42db6381300f2c970f86feaa7f4
Size: 226KB
Sample: 220630-hzcqpsggcj
MD5: e84631873c87ac0af8a0a0802afaafb3
SHA1: d6a37d21ea7bf956a086c03ccbeeb84ffeb758a3
SHA256: 64d2a023b1208a01375af17e3b02ff7eebae76d3a35ece915c52e5d7a021edc9
SHA512: 3a7da6eab40d580946d7eb01d1bab1920d5eb04044d52fb48300ea9dfd9e057c367f4605065841bdac82b288696a7142b66a6059281118f42a5244be14c94793
Static task: static1
Behavioral task: behavioral1
Sample: 5343f42db6381300f2c970f86feaa7f4.dll
Resource: win7-20220414-en
Malware Config
Extracted
gozi_ifsb
3000
config.edge.skype.com
194.76.225.112
194.76.225.113
46.21.153.203
base_path: /drew/
build: 250239
exe_type: loader
extension: .jlk
server_id: 50
Targets
Target: 5343f42db6381300f2c970f86feaa7f4
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)