General
Target: 04fc65e8b542dff64a64e42049d1cf568b967d72bfbcb3d3c3e3b89ec809ee2f
Size: 280KB
Sample: 220802-lhrebaeehl
MD5: cc1a2af4edb9052043c71f196b3bc35c
SHA1: c8d8e0a260cce70dad76698ddcbd2cefffc0e0a8
SHA256: 04fc65e8b542dff64a64e42049d1cf568b967d72bfbcb3d3c3e3b89ec809ee2f
SHA512: 8d16eb3d3d7b3d9b2d09a595ebd5d421b6eb9bd3e7b0a45b70b43e8a920883d48c5aa46d5d89de7efab5e0760d32930ace08077290048506dde281a1b8e39465
Static task
static1
Behavioral task
behavioral1
Sample
04fc65e8b542dff64a64e42049d1cf568b967d72bfbcb3d3c3e3b89ec809ee2f.dll
Resource
win7-20220715-en
Malware Config
Extracted
gozi_ifsb
8999
ntrp.msn.com
185.189.151.35
nterp.msn.com
194.76.225.96
base_path: /chupa/
build: 250239
exe_type: loader
extension: .upa
server_id: 50
Targets
Target: 04fc65e8b542dff64a64e42049d1cf568b967d72bfbcb3d3c3e3b89ec809ee2f
Blocklisted process makes network request