Analysis
- max time kernel: 32s
- max time network: 46s
- platform: windows7_x64
- resource: win7-20220414-en
- submitted: 01-07-2022 07:36
Static task
static1
Behavioral task
behavioral1
Sample
3e630958972b029da65d7bb4b1d4dff4fd419707d7af9494df5fbff5e032f3a8.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
- Target: 3e630958972b029da65d7bb4b1d4dff4fd419707d7af9494df5fbff5e032f3a8.exe
- Size: 338KB
- MD5: d1c52a453a936ea1c07e6e41eb922b69
- SHA1: 97cebbf9916c6f77a5ebdf5a60d29bfeb3df25b8
- SHA256: 3e630958972b029da65d7bb4b1d4dff4fd419707d7af9494df5fbff5e032f3a8
- SHA512: d1ec60d8eca8961afb48c1837f0df4b37e28798480b6fb1c581e7749e5cca35a85211fe88b0d0b2d688ecc4e6726747f635f1b8da74f483bbae39b6bf8c0f284
Malware Config
Extracted
- Family: gozi_ifsb
- Attributes:
  - build: 214062
Extracted
- Family: gozi_ifsb
- Botnet: 3191
- C2: grtyrrodfto.com, wenyjactvvfat.com, egwnwetgwoiiie.city
- Attributes:
  - build: 214062
  - dga_base_url: constitution.org/usdeclar.txt
  - dga_crc: 0x4eb7d2ca
  - dga_season: 10
  - dga_tlds: com, ru, org
  - exe_type: loader
  - server_id: 12
rsa_pubkey.plain
serpent.plain
Signatures
Processes
Network
MITRE ATT&CK Matrix
Downloads
- memory/1664-54-0x0000000075581000-0x0000000075583000-memory.dmp (Filesize: 8KB)
- memory/1664-55-0x0000000000400000-0x000000000040F000-memory.dmp (Filesize: 60KB)
- memory/1664-56-0x0000000000400000-0x0000000000463000-memory.dmp (Filesize: 396KB)
- memory/1664-57-0x0000000000260000-0x000000000027B000-memory.dmp (Filesize: 108KB)