Analysis
max time kernel: 38s
max time network: 73s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 12-07-2022 15:47
Static task
static1
Behavioral task
behavioral1
Sample
49bb018a302ee1a392a5067f2d5630c94108ddd515cdad50cd0f932975444a30.exe
Resource
win7-20220414-en
windows7_x64
0 signatures
0 seconds
General
Target: 49bb018a302ee1a392a5067f2d5630c94108ddd515cdad50cd0f932975444a30.exe
Size: 376KB
MD5: 9148c1ecd1cb5f0dd5c367df786dcb48
SHA1: 04d056f085879049964b5edf4165a989315b1b08
SHA256: 49bb018a302ee1a392a5067f2d5630c94108ddd515cdad50cd0f932975444a30
SHA512: 37486da752b7a7d883adb67aa5149d079edf96a29cf1198c2eb470976c5f8f2f8462d58cdc3ff9297eabbf7e208660b89ce1ec9474189cbe2b60954876bee994
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 214062
Extracted
Family: gozi_ifsb
Botnet: 3193
C2:
fy76qn.email
dst1894.com
w40shailie.city
Attributes
build: 214062
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds:
com
ru
org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain