Analysis
max time kernel: 111s
max time network: 46s
platform: windows7_x64
resource: win7-20220414-en
submitted: 07-07-2022 23:50
Static task: static1
Behavioral task: behavioral1
Sample: 4324368efb62f575c31bb2771903000b0603cadf200b1e0fda77255a5663bcfd.exe
Resource: win7-20220414-en, windows7_x64
0 signatures
0 seconds
General
Target: 4324368efb62f575c31bb2771903000b0603cadf200b1e0fda77255a5663bcfd.exe
Size: 197KB
MD5: d6dedbd21fc85caa8852e37daeea49ca
SHA1: 337a85009ee11444c5c59c953283bc7814d93e98
SHA256: 4324368efb62f575c31bb2771903000b0603cadf200b1e0fda77255a5663bcfd
SHA512: 4c4b40910e34f47bab30e131531bd16f563ece7bec859fd0d511ad1f8bef051f7e7d8b1b092610c205a065ad11f4dc3f3e5d0714f5be0a56c9fd71fb60007d2f
Malware Config
Extracted
Family: gozi_ifsb
Attributes:
  build: 215165
Extracted
Family: gozi_ifsb
Botnet: 3135
C2:
  zweideckei.com
  ziebelschr.com
  endetztera.com
Attributes:
  build: 215165
  dga_base_url: constitution.org/usdeclar.txt
  dga_crc: 0x4eb7d2ca
  dga_season: 10
  dga_tlds: com, ru, org
  exe_type: loader
  server_id: 12
rsa_pubkey.plain
serpent.plain