Analysis
max time kernel: 42s
max time network: 48s
platform: windows7_x64
resource: win7-20220718-en
resource tags: arch:x64, arch:x86, image:win7-20220718-en, locale:en-us, os:windows7-x64, system
submitted: 25-07-2022 14:58
Static task: static1
Behavioral task: behavioral1
Sample: 55cb924b311cd030b2b33bacb4e4e95296350904056f93a632f4d07679afdef3.exe
Resource: win7-20220718-en
windows7-x64
1 signatures
150 seconds
General
Target: 55cb924b311cd030b2b33bacb4e4e95296350904056f93a632f4d07679afdef3.exe
Size: 459KB
MD5: e89e541eb77442b0ecc741cac9211ed7
SHA1: 4bb46942fdeb63b1adb5005d0fda3d9f91441e4f
SHA256: 55cb924b311cd030b2b33bacb4e4e95296350904056f93a632f4d07679afdef3
SHA512: 5a9967e03cddf38f44db2606ce16757c3da23464202de797d4e1502c1f53e4858d7a375937f3746e91a2a3f8961245a7c08757c15cee72de792b07ae4b76eb55
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 214085
Extracted
Family: gozi_ifsb
Botnet: 3428
C2: google.com, gmail.com, ztoy.top, qmiller.club, vipresleynz.com
Attributes
build: 214085
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain