Analysis
- max time kernel: 49s
- max time network: 54s
- platform: windows10-2004_x64
- resource: win10v2004-20220414-en
- submitted: 01-07-2022 13:47
Static task: static1
Behavioral task: behavioral1
Sample: 3dfdb2b45e062b4abba6d7d144749831ba36cfe121657a5245733b2d7b1bd651.exe
Resource: win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
- Target: 3dfdb2b45e062b4abba6d7d144749831ba36cfe121657a5245733b2d7b1bd651.exe
- Size: 297KB
- MD5: bbbe04ad21ad0f9ee72f6fed09671e78
- SHA1: cf781f07eafc141f6afd045b79049e101cedca2c
- SHA256: 3dfdb2b45e062b4abba6d7d144749831ba36cfe121657a5245733b2d7b1bd651
- SHA512: 6c185787a67d7fd282f316b4677181cd024d7292e1d8d43622ad99941c30401d3faee0287c38c12dfabdc5e4033ed678a3569d76ef931bec878309ba57d8c500
Malware Config
Extracted
Family: gozi_ifsb
Attributes
- build: 217173
Extracted
Family: gozi_ifsb
Botnet: 3313
C2
b49ealsgrjf63w.info
qn44katlynorval.com
tisabellervoe.xyz
Attributes
- build: 217173
- dga_base_url: constitution.org/usdeclar.txt
- dga_crc: 0x4eb7d2ca
- dga_season: 10
- dga_tlds: com, ru, org
- exe_type: loader
- server_id: 12
rsa_pubkey.plain
serpent.plain