General
-
Target
4d733ed3acce445e397e6563fbc007d1217cb7dc07e4972b580f055d7c388dc2
-
Size
204KB
-
Sample
220712-dfyrlsgbaq
-
MD5
898f9a5c2c946ff051cc3395ee336d6f
-
SHA1
ca42fc1fce76d8e74eb0173e04240e9de7cd6eaf
-
SHA256
4d733ed3acce445e397e6563fbc007d1217cb7dc07e4972b580f055d7c388dc2
-
SHA512
85450f98eed360903001a8071462fe65915323e10fd193f6419d275526d5ab20c662555faa260a532f1c2c944fa7d139a92cf2b70ac88d5baff951512b0547cd
Static task
static1
Behavioral task
behavioral1
Sample
4d733ed3acce445e397e6563fbc007d1217cb7dc07e4972b580f055d7c388dc2.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
2000
has.votaritar.at/webstore
-
build
217083
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
192.71.245.208
8.8.8.8
51.15.98.97
172.104.136.243
193.183.98.66
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
4d733ed3acce445e397e6563fbc007d1217cb7dc07e4972b580f055d7c388dc2
-
Size
204KB
-
MD5
898f9a5c2c946ff051cc3395ee336d6f
-
SHA1
ca42fc1fce76d8e74eb0173e04240e9de7cd6eaf
-
SHA256
4d733ed3acce445e397e6563fbc007d1217cb7dc07e4972b580f055d7c388dc2
-
SHA512
85450f98eed360903001a8071462fe65915323e10fd193f6419d275526d5ab20c662555faa260a532f1c2c944fa7d139a92cf2b70ac88d5baff951512b0547cd
-