General
-
Target
fbd263fef5fd3d0033d57b36d4118780c7de4a615e568b54587dbaf7c5397037
-
Size
162KB
-
Sample
220701-hw5mbaagc6
-
MD5
e8bf277e4cd749304f61e9d95275d397
-
SHA1
a2ad72750ccf2d6d84eb69504333536dfa0c89cb
-
SHA256
fbd263fef5fd3d0033d57b36d4118780c7de4a615e568b54587dbaf7c5397037
-
SHA512
da654e2df7ee680a3eb7470e1a51e1ab4382ed18b9f6f3915088558e23772522e3af11bb932b9f972b75402f595d2bd93f37666b620eac1706a927c4d9dc43f5
Static task
static1
Behavioral task
behavioral1
Sample
fbd263fef5fd3d0033d57b36d4118780c7de4a615e568b54587dbaf7c5397037.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
-
build
214107
Extracted
gozi_ifsb
3529
gmail.com
google.com
nfyuabel.com
rwoodrowyioay.com
gqx21mcou.com
-
build
214107
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
-
-
Target
fbd263fef5fd3d0033d57b36d4118780c7de4a615e568b54587dbaf7c5397037
-
Size
162KB
-
MD5
e8bf277e4cd749304f61e9d95275d397
-
SHA1
a2ad72750ccf2d6d84eb69504333536dfa0c89cb
-
SHA256
fbd263fef5fd3d0033d57b36d4118780c7de4a615e568b54587dbaf7c5397037
-
SHA512
da654e2df7ee680a3eb7470e1a51e1ab4382ed18b9f6f3915088558e23772522e3af11bb932b9f972b75402f595d2bd93f37666b620eac1706a927c4d9dc43f5
-
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)
-