Analysis
max time kernel: 143s
max time network: 48s
platform: windows7_x64
resource: win7-20220414-en
submitted: 01-07-2022 07:38
Static task: static1
Behavioral task: behavioral1
Sample: 3e5f77c40e8a5c4348b98bac24c7695a48698300f24bca36d35918efef4501b9.exe
Resource: win7-20220414-en, windows7_x64
0 signatures
0 seconds
General
Target: 3e5f77c40e8a5c4348b98bac24c7695a48698300f24bca36d35918efef4501b9.exe
Size: 485KB
MD5: 4859c5beb46ff5a4385ecc90ddaf9f44
SHA1: af6467fed5aeb4065b0ce70ef3a15f6daae03b65
SHA256: 3e5f77c40e8a5c4348b98bac24c7695a48698300f24bca36d35918efef4501b9
SHA512: f498923c80f7dbb2a7022c93f8e9962bc31d56bce1939fdbd1e7303de565a25a850a9be3e84862f2649f8a80ad4eb01cdf1817104fa161f3fbba6f0887b1c235
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 215165
Extracted
Family: gozi_ifsb
Botnet: 3140
C2: isatawatag.com, bosototsuy.com, atamekihok.com
Attributes
build: 215165
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain