General
Target: 547e68948b7c490bb0793f5d123b606d1d5f6210
Size: 196KB
Sample: 220712-ez9tnaddg3
MD5: 110f8f96a6313b9a11e81edcab961454
SHA1: 547e68948b7c490bb0793f5d123b606d1d5f6210
SHA256: f18fa78f01e930c099b0a1dab86ca4151ffbb265a741135dcff80791cc2fa18b
SHA512: 02bfa696131c5b57d10f9cff4ee34f3c412bae53a13f57d800ce0e3ab046e10fbde2d22210ec9de27ef092bf59f45231edef6fdd157437f4c024e35b4edcee94
Behavioral task
behavioral1
Sample: 547e68948b7c490bb0793f5d123b606d1d5f6210.dll
Resource: win7-20220414-en
Malware Config
Extracted
gozi_ifsb
1100
build: 250157
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: worker
server_id: 730