Analysis
-
max time kernel
137s -
max time network
44s -
platform
windows7_x64 -
resource
win7-20220718-en -
resource tags
arch:x64 arch:x86 image:win7-20220718-en locale:en-us os:windows7-x64 system -
submitted
24-07-2022 15:11
Static task
static1
Behavioral task
behavioral1
Sample
df43bfaca85e3eb665b072c2730dabf22394f5045dc248f6d9c2824ebbaf5362.exe
Resource
win7-20220718-en
windows7-x64
1 signatures
150 seconds
General
-
Target
df43bfaca85e3eb665b072c2730dabf22394f5045dc248f6d9c2824ebbaf5362.exe
-
Size
215KB
-
MD5
eed413516af27f597f80a1be1c8f61dd
-
SHA1
f77898e8399bfdfb8a931cf902944d03e6ffcf8a
-
SHA256
df43bfaca85e3eb665b072c2730dabf22394f5045dc248f6d9c2824ebbaf5362
-
SHA512
6f08f26a23771addd78639419734a56b860f7f1fa59a466c00628da1731ea4439078e6d1b67b2c1349af95ba171bc191366e54e5000ca41c52ac8544890df2d4
Malware Config
Extracted
Family
gozi_ifsb
Attributes
-
build
215165
Extracted
Family
gozi_ifsb
Botnet
3153
C2
biesbetiop.com
kircherche.com
toforemedi.com
Attributes
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
rsa_pubkey.plain
serpent.plain