Analysis
-
max time kernel
146s -
max time network
46s -
platform
windows7_x64 -
resource
win7-20220718-en -
resource tags
arch:x64, arch:x86, image:win7-20220718-en, locale:en-us, os:windows7-x64, system -
submitted
24-07-2022 20:03
Static task
static1
Behavioral task
behavioral1
Sample
57c9c361e70e034e4a902cb81a042a2e1e75970d88429cd87042235e7b4f64d5.exe
Resource
win7-20220718-en
windows7-x64
1 signatures
150 seconds
General
-
Target
57c9c361e70e034e4a902cb81a042a2e1e75970d88429cd87042235e7b4f64d5.exe
-
Size
215KB
-
MD5
8c4226ad130129f72c94f4b34d4b0c8a
-
SHA1
6e6bbdf90f6501fee7ca2d1c2fbcffbdb643f831
-
SHA256
57c9c361e70e034e4a902cb81a042a2e1e75970d88429cd87042235e7b4f64d5
-
SHA512
b924862b86ad37c57f8048d86289b68d34045b84697cc00bf2bb6dda3a8946a379c257821686f4c004f4778b6553042a8d727b4c2e20f1b4db706fd6aca7f058
Malware Config
Extracted
Family
gozi_ifsb
Attributes
-
build
215165
Extracted
Family
gozi_ifsb
Botnet
3153
C2
biesbetiop.com
kircherche.com
toforemedi.com
Attributes
-
build
215165
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
rsa_pubkey.plain
serpent.plain