Analysis
max time kernel: 154s
max time network: 47s
platform: windows7_x64
resource: win7-20220414-en
submitted: 12-07-2022 08:23
Static task: static1
Behavioral task: behavioral1
Sample: 4be7342ef8988e741fa9b25b398fa7cbc442e7622b0df7b58c9d714ca97bb8ba.exe
Resource: win7-20220414-en, windows7_x64
0 signatures, 0 seconds
General
Target: 4be7342ef8988e741fa9b25b398fa7cbc442e7622b0df7b58c9d714ca97bb8ba.exe
Size: 269KB
MD5: bc19fb76b57277097bb95d13e65d4bbf
SHA1: 625e67da9528ab38d905a8a67e40e4d6230514f5
SHA256: 4be7342ef8988e741fa9b25b398fa7cbc442e7622b0df7b58c9d714ca97bb8ba
SHA512: ebfbcfa0609623389607a489c4e63bcdb6378c06d0c46a1a3603e9421135b2036c1d4fd75921e7e184b8a80bf7604ba48dce0eeaa1cb3cf1cedb6312f9373f56
Malware Config

Extracted
Family: gozi_ifsb
Attributes:
  build: 215165

Extracted
Family: gozi_ifsb
Botnet: 3151
C2:
  zardinglog.com
  sycingshbo.com
  imminesenc.com
Attributes:
  build: 215165
  dga_base_url: constitution.org/usdeclar.txt
  dga_crc: 0x4eb7d2ca
  dga_season: 10
  dga_tlds: com, ru, org
  exe_type: loader
  server_id: 12
rsa_pubkey.plain
serpent.plain