Analysis
max time kernel: 119s
max time network: 44s
platform: windows7_x64
resource: win7-20220715-en
resource tags: arch:x64, arch:x86, image:win7-20220715-en, locale:en-us, os:windows7-x64, system
submitted: 31-07-2022 18:38
Static task: static1
Behavioral task: behavioral1
Sample: 5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736.exe
Resource: win7-20220715-en
windows7-x64
1 signatures
150 seconds
General
Target: 5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736.exe
Size: 269KB
MD5: 19a3bd994b990b3106b42118fcd72dab
SHA1: bae552fa1368ff33f9ce7976ff9b51d800efebef
SHA256: 5efb3445d26e84177a70f2509fd8b10bec30d978d5a55c6e351f0be855570736
SHA512: def2336a153868163d6e266686313ec57e361c1fa80d510053e810a1fd1b5ed8b34f491a67c936ff73a67a0afeb026ade08db97b2e240328899ab73e5d3ed912
Malware Config
Extracted
Family: gozi_ifsb
Attributes
build: 215165
Extracted
Family: gozi_ifsb
Botnet: 3151
C2:
zardinglog.com
sycingshbo.com
imminesenc.com
Attributes
build: 215165
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
rsa_pubkey.plain
serpent.plain