General
-
Target
4a966a3c7dbace04643319af41f855d2bc888a986061537a6dce97089bd2322c
-
Size
285KB
-
Sample
220712-pz1wvsagcn
-
MD5
a442cc5b0f5f2f3f906c52887c6fd58d
-
SHA1
d06f0f153750437d0bedc1bbf6c8783461d048d3
-
SHA256
4a966a3c7dbace04643319af41f855d2bc888a986061537a6dce97089bd2322c
-
SHA512
0e539e83a2516bb93993ab3dec49a28efeb6fd59f5f0eab657a3581beb14bfe46ba2f4a4e8db2c46f3db7e4c797362c21fd665695bbfdbea9ca7e912b3673956
Static task
static1
Behavioral task
behavioral1
Sample
4a966a3c7dbace04643319af41f855d2bc888a986061537a6dce97089bd2322c.exe
Resource
win7-20220414-en
Malware Config
Extracted
gozi_ifsb
-
build
217061
Extracted
gozi_ifsb
2000
ax.ikobut.at/webstore
beetfeetlife.bit/webstore
foo.avaregio.at/webstore
api.hamanana.at/webstore
api.ikobut.at/webstore
supp.zapkopw.at/webstore
cdn.avaregio.at/webstore
-
build
217061
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
193.183.98.66
91.217.137.37
192.71.245.208
8.8.8.8
178.17.170.179
82.196.9.45
151.80.222.79
68.183.70.217
217.144.135.7
158.69.160.164
207.148.83.241
5.189.170.196
217.144.132.148
94.247.43.254
188.165.200.156
159.89.249.249
150.249.149.222
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
4a966a3c7dbace04643319af41f855d2bc888a986061537a6dce97089bd2322c
-
Size
285KB
-
MD5
a442cc5b0f5f2f3f906c52887c6fd58d
-
SHA1
d06f0f153750437d0bedc1bbf6c8783461d048d3
-
SHA256
4a966a3c7dbace04643319af41f855d2bc888a986061537a6dce97089bd2322c
-
SHA512
0e539e83a2516bb93993ab3dec49a28efeb6fd59f5f0eab657a3581beb14bfe46ba2f4a4e8db2c46f3db7e4c797362c21fd665695bbfdbea9ca7e912b3673956
-