General
-
Target
ef137b4fb6819a4aba3866003c871692d569eeb65523d0e2565df8949ef09961
-
Size
376KB
-
Sample
220701-hjsf8aabc3
-
MD5
92e4d53a04824638f683e8eaca91403a
-
SHA1
f1a9e6f7a3912617c6b4119097a7bd14d3cc589c
-
SHA256
ef137b4fb6819a4aba3866003c871692d569eeb65523d0e2565df8949ef09961
-
SHA512
bea833371ed49f76169defb75bcb2653553fffeaf0d5cffff02ac3716c03f27b99b8caf358a500f678a618cdbb4892a78ecc195aed6b79b93dab94327620ae09
Static task
static1
Behavioral task
behavioral1
Sample
ef137b4fb6819a4aba3866003c871692d569eeb65523d0e2565df8949ef09961.exe
Resource
win7-20220414-en
Malware Config
Extracted
Family: gozi_ifsb
-
build
214062
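Extracted
Family: gozi_ifsb
(The labels for the next two fields are missing on the page; "Botnet" and "C2" are inferred from the report layout.)
Botnet: 3193
C2:
fy76qn.email
dst1894.com
w40shailie.city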
-
build
214062
-
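dga_base_url
constitution.org/usdeclar.txt (a public text document the DGA reads as its word source; the host is a legitimate site rather than C2 infrastructure, so matching on it alone will produce false positives)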
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
ef137b4fb6819a4aba3866003c871692d569eeb65523d0e2565df8949ef09961
-
Size
376KB
-
MD5
92e4d53a04824638f683e8eaca91403a
-
SHA1
f1a9e6f7a3912617c6b4119097a7bd14d3cc589c
-
SHA256
ef137b4fb6819a4aba3866003c871692d569eeb65523d0e2565df8949ef09961
-
SHA512
bea833371ed49f76169defb75bcb2653553fffeaf0d5cffff02ac3716c03f27b99b8caf358a500f678a618cdbb4892a78ecc195aed6b79b93dab94327620ae09
-