General
-
Target
c251313754577b923948d506c0a0fbc59674232cebe1ef02fdca216944101293
-
Size
270KB
-
Sample
220724-vzexaacfan
-
MD5
eabfe0920bcf4cf7714f64334bd028c4
-
SHA1
54822f724347aecc5d9d681328a61b5ea4d4f197
-
SHA256
c251313754577b923948d506c0a0fbc59674232cebe1ef02fdca216944101293
-
SHA512
c13d94677d41601d4f085e30738b733355dd177ab30b11b48bfd20c34746940c33822e41a965a1313a03d457c58d722b9a9d853bf39f90afcbf1a51ce7c6c760
Static task
static1
Behavioral task
behavioral1
Sample
c251313754577b923948d506c0a0fbc59674232cebe1ef02fdca216944101293.exe
Resource
win7-20220715-en
Malware Config
Extracted
Family
gozi_ifsb
-
Botnet
2000
-
C2
x1.narutik.at/webstore
cdn5.narutik.at/webstore
api.hartino.at/webstore
voip.hartino.at/webstore
-
build
217072
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
dns_servers
172.104.136.243
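8.8.8.8 (Google Public DNS, a shared public resolver; resolver addresses in this list are not by themselves indicators of compromise)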
176.126.70.119
51.15.98.97
193.183.98.66
-
exe_type
loader
-
server_id
550
Targets
-
-
Target
c251313754577b923948d506c0a0fbc59674232cebe1ef02fdca216944101293
-
Size
270KB
-
MD5
eabfe0920bcf4cf7714f64334bd028c4
-
SHA1
54822f724347aecc5d9d681328a61b5ea4d4f197
-
SHA256
c251313754577b923948d506c0a0fbc59674232cebe1ef02fdca216944101293
-
SHA512
c13d94677d41601d4f085e30738b733355dd177ab30b11b48bfd20c34746940c33822e41a965a1313a03d457c58d722b9a9d853bf39f90afcbf1a51ce7c6c760
-