General
-
Target
f86750e0d8b1082c47d6f9766ab74a98ab95478740f1bdf42030ee8ae9854ac1
-
Size
3.7MB
-
Sample
220725-cyvl8sbbhm
-
MD5
b39c8a5d35fac869aae9f225719f79f4
-
SHA1
eb32c56672e0bbc68bde452f1c92eb1c5dea04fc
-
SHA256
f86750e0d8b1082c47d6f9766ab74a98ab95478740f1bdf42030ee8ae9854ac1
-
SHA512
3ab79d1fdb3254f66d617b1af6f04d4bbcdeb9e6ec6d795f1a3fb18c0dc8ed88cbd0955625aeffeaaa00cd39a06c05ffefbb2ea1cd275c60cbde010d4b3b9ca7
Static task
static1
Behavioral task
behavioral1
Sample
f86750e0d8b1082c47d6f9766ab74a98ab95478740f1bdf42030ee8ae9854ac1.exe
Resource
win7-20220718-en
Malware Config
Extracted
gozi_ifsb
-
build
214098
Extracted
gozi_ifsb
3523
fortinet.com
symantec.com
z39bldfq.com
r79xhiram81ue.com
mlqlqewh.com
-
build
214098
-
dga_base_url
constitution.org/usdeclar.txt
-
dga_crc
0x4eb7d2ca
-
dga_season
10
-
dga_tlds
com
ru
org
-
exe_type
loader
-
server_id
12
Targets
suricata: ET MALWARE Ursnif Variant CnC Beacon - URI Struct M2 (_2F)