General
-
Target
900049f66005fc9ce32c4a8f6cba6a2044e4c2866ae4ea8f15b571751fa9c8b3
-
Size
282KB
-
Sample
220724-v9m1msdbbq
-
MD5
ddd42fe8cea5b9560fe9c2f0376d0f7f
-
SHA1
86e49dfee5ef30f789a2a20ac048beee6709d1d0
-
SHA256
900049f66005fc9ce32c4a8f6cba6a2044e4c2866ae4ea8f15b571751fa9c8b3
-
SHA512
26aa16d6f33aeee271a5b210df9a743ddbd4e0fb35deb6fbe6f32a686a898416823fa8a5767ffdbac1cc85baae5f0eb9b548d8d21ad1d2f18da721d3c9662e23
Static task
static1
Behavioral task
behavioral1
Sample
900049f66005fc9ce32c4a8f6cba6a2044e4c2866ae4ea8f15b571751fa9c8b3.exe
Resource
win7-20220718-en
Malware Config
Extracted
gozi_ifsb
2000
beetfeetlife.bit/webstore
api.sorna.at/webstore
supp.rivier.at/webstore
-
build
217072
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
193.183.98.66
91.217.137.37
192.71.245.208
8.8.8.8
178.17.170.179
82.196.9.45
151.80.222.79
68.183.70.217
217.144.135.7
158.69.160.164
207.148.83.241
5.189.170.196
217.144.132.148
94.247.43.254
188.165.200.156
159.89.249.249
150.249.149.222
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
900049f66005fc9ce32c4a8f6cba6a2044e4c2866ae4ea8f15b571751fa9c8b3
-
Size
282KB
-
MD5
ddd42fe8cea5b9560fe9c2f0376d0f7f
-
SHA1
86e49dfee5ef30f789a2a20ac048beee6709d1d0
-
SHA256
900049f66005fc9ce32c4a8f6cba6a2044e4c2866ae4ea8f15b571751fa9c8b3
-
SHA512
26aa16d6f33aeee271a5b210df9a743ddbd4e0fb35deb6fbe6f32a686a898416823fa8a5767ffdbac1cc85baae5f0eb9b548d8d21ad1d2f18da721d3c9662e23
-