Analysis Overview
score
10/10
SHA256
3d05e3f5f662ef39b92dfc1dc6344a400d109bcc6d55c6f7182983f6d1a72541
Threat Level: Known bad
The file a230000.dll was found to be: Known bad.
Malicious Activity Summary
Gozi_ifsb family
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2022-08-04 15:07
Signatures
Gozi_ifsb family
Analysis: behavioral1
Detonation Overview
Submitted
2022-08-04 15:07
Reported
2022-08-04 15:09
Platform
win7-20220718-en
Max time kernel
42s
Max time network
45s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a230000.dll,#1
Signatures
N/A
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a230000.dll,#1
Network
N/A
Files
N/A
Analysis: behavioral2
Detonation Overview
Submitted
2022-08-04 15:07
Reported
2022-08-04 15:09
Platform
win10v2004-20220721-en
Max time kernel
84s
Max time network
143s
Command Line
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a230000.dll,#1
Signatures
N/A
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\a230000.dll,#1
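Both detonations launch the sample with the submitter's own command line, `rundll32.exe <path>,#1`: rundll32 loads the DLL from the user's Temp directory and calls export ordinal 1. That tells you where the entry point is, but it is the sandbox harness, not evidence of how the sample is delivered in the wild. The same shape (rundll32 executing a DLL from a user-writable directory, or calling an export by ordinal rather than by name) is nonetheless a common hunting pattern in process-creation telemetry. The following is an added example, not part of the report: a small classifier over constructed Sysmon-style process-creation records, in which only the first record mirrors the report's command line and the rest are made up; the list of user-writable directories is an assumption to tune per environment.

```python
import re

# Constructed Sysmon-style process-creation records (illustration only; only the
# first mirrors the report's command line, the rest are made up).
EVENTS = [
    {"image": r"C:\Windows\system32\rundll32.exe",
     "cmdline": r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\a230000.dll,#1"},
    {"image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r'"C:\Windows\System32\rundll32.exe" "C:\Users\Admin\Downloads\invoice.dll",DllRegisterServer'},
    {"image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r"rundll32.exe shell32.dll,Control_RunDLL"},
    {"image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r"RUNDLL32.EXE C:\ProgramData\update\a.dll,#2"},
    {"image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r'rundll32.exe "C:\Program Files\Vendor\helper.dll",#1'},
    {"image": r"C:\Windows\System32\notepad.exe",
     "cmdline": r"notepad.exe C:\Users\Admin\AppData\Local\Temp\a230000.dll"},
]

# Assumed set of directories a standard user can write to (tune per environment).
USER_WRITABLE_DIRS = (
    r"\appdata\local\temp", r"\appdata\roaming", r"\downloads",
    r"\programdata", r"\users\public", r"\windows\temp",
)

# rundll32 command line: image (bare or full path, quoted or not), DLL path
# (quoted paths may contain spaces), comma, then an export name or #ordinal.
RUNDLL32_RE = re.compile(
    r'^\s*"?(?:[^"\s]*\\)?rundll32(?:\.exe)?"?\s+'
    r'(?:"([^"]+)"|([^\s,]+))'
    r'\s*,\s*(\S+)',
    re.IGNORECASE,
)


def classify(event):
    """Return a finding for a rundll32 launch, or None if the event is not rundll32."""
    m = RUNDLL32_RE.match(event["cmdline"])
    if m is None:
        return None
    dll = m.group(1) or m.group(2)
    export = m.group(3)
    reasons = []
    low = dll.lower()
    # Trailing separator so "\temp" does not also match "\template".
    if any(d + "\\" in low for d in USER_WRITABLE_DIRS):
        reasons.append("dll_in_user_writable_dir")
    if re.fullmatch(r"#\d+", export):
        reasons.append("export_called_by_ordinal")
    return {"dll": dll, "export": export, "reasons": reasons, "score": len(reasons)}


def find_suspicious(events, min_score=1):
    """Classify every event and keep findings whose score reaches min_score."""
    hits = []
    for ev in events:
        finding = classify(ev)
        if finding and finding["score"] >= min_score:
            hits.append(finding)
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(EVENTS):
        print(hit)
```

Ordinal calls on their own are low fidelity (legitimate installers use them), so the score lets you alert on `score >= 2` and merely log the rest. The regex keys on the command line, which a renamed rundll32 copy or a spoofed command line can evade; in production pair it with the image path and the OriginalFileName that Sysmon records from the PE version information.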
Network
| Country | Destination | Domain | Proto |
|---|---|---|---|
| NL | 2.19.195.233:443 | | tcp |
| DE | 18.194.245.245:443 | | tcp |
| GB | 37.230.138.66:80 | | tcp |
| DE | 46.4.27.39:80 | | tcp |
| US | 192.243.61.225:443 | | tcp |
| NL | 2.19.195.233:443 | | tcp |
| US | 104.19.242.83:443 | | tcp |
| FR | 2.22.22.177:443 | | tcp |
| US | 85.209.157.230:80 | | tcp |
| GB | 37.230.138.123:443 | | tcp |
| DE | 46.4.27.39:80 | | tcp |
| US | 34.227.164.133:80 | | tcp |
| US | 93.184.220.29:80 | | tcp |
| US | 162.247.241.14:443 | | tcp |
| IE | 20.82.209.183:443 | | tcp |
| NL | 65.9.86.102:443 | | tcp |
| FR | 2.18.109.224:443 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| IE | 20.82.209.183:443 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| US | 162.247.241.14:443 | | tcp |
| IE | 20.82.209.183:443 | | tcp |
| NL | 20.50.201.200:443 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| US | 93.184.221.240:80 | | tcp |
| US | 204.79.197.200:443 | | tcp |
| US | 13.107.42.16:443 | | tcp |
| US | 204.79.197.239:443 | | tcp |
| NL | 20.31.106.135:443 | | tcp |
| US | 204.79.197.239:443 | | tcp |
| US | 131.253.33.203:443 | | tcp |
| US | 204.79.197.200:443 | | tcp |
| US | 204.79.197.203:443 | | tcp |
| IE | 20.234.93.27:443 | | tcp |
| NL | 216.58.208.100:80 | | tcp |
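The Windows 7 run (behavioral1) recorded no network activity at all, while the Windows 10 run lists 36 TCP connections with no domain recorded for any of them, most on 443. A list like this typically mixes whatever the sample did with the sandbox operating system's own background traffic (update, telemetry and CDN checks), so it should be triaged rather than block-listed wholesale; repeated hits and plaintext HTTP to bare IP addresses are the usual first things to pivot on. The following is an added example, not part of the report: a parser that turns an excerpt of the table above into deduplicated, ranked ip:port indicators. The rows are copied from the report (one rewritten with the protocol in its proper column to show that both layouts parse); the page's extraction had put "tcp" under the Domain column and dropped the last row's trailing cell, and the parser tolerates both.

```python
import ipaddress
import re
from collections import Counter

# Excerpt of the behavioral2 network table above (not the full list). One row is
# rewritten with "tcp" under Proto; the others keep the page's shifted layout.
NETWORK_TABLE = """\
| Country | Destination | Domain | Proto |
| NL | 2.19.195.233:443 | tcp | |
| DE | 46.4.27.39:80 | tcp | |
| US | 85.209.157.230:80 | tcp | |
| NL | 2.19.195.233:443 | tcp | |
| IE | 20.82.209.183:443 | tcp | |
| DE | 46.4.27.39:80 | tcp | |
| IE | 20.82.209.183:443 | tcp | |
| US | 93.184.221.240:80 | | tcp |
| IE | 20.82.209.183:443 | tcp | |
| NL | 216.58.208.100:80 | tcp |
"""

DEST_RE = re.compile(r"^(\S+):(\d{1,5})$")
PROTOS = ("tcp", "udp")


def parse_rows(text):
    """Parse pipe-table rows into dicts; skips the header and rows without a valid ip:port."""
    rows = []
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) < 2 or cells[0].lower() == "country":
            continue
        m = DEST_RE.match(cells[1])
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # destination is not an IP literal; skip rather than guess
        port = int(m.group(2))
        if not 0 < port < 65536:
            continue
        # Protocol and domain may sit in either remaining column; pick by content.
        extra = [c for c in cells[2:] if c]
        proto = next((c.lower() for c in extra if c.lower() in PROTOS), None)
        domain = next((c for c in extra if c.lower() not in PROTOS), "")
        rows.append({"country": cells[0], "ip": ip, "port": port,
                     "proto": proto, "domain": domain})
    return rows


def summarize(rows):
    """Deduplicate ip:port pairs, rank by hit count, and pull out port-80 (plaintext HTTP) targets."""
    counts = Counter((r["ip"], r["port"]) for r in rows)
    # Most-hit first, then numeric IP order (ipaddress objects compare numerically).
    ranked = sorted(counts.items(), key=lambda kv: (-kv[1], kv[0][0], kv[0][1]))
    return {
        "connections": len(rows),
        "unique_destinations": len(counts),
        "ranked": [(str(ip), port, n) for (ip, port), n in ranked],
        "plaintext_http": [str(ip) for (ip, port), _ in ranked if port == 80],
    }


def ioc_lines(rows):
    """One 'ip,port,proto,hits' line per unique destination, for a blocklist or hunt query."""
    proto_for = {(str(r["ip"]), r["port"]): (r["proto"] or "tcp") for r in rows}
    return [f"{ip},{port},{proto_for[(ip, port)]},{n}"
            for ip, port, n in summarize(rows)["ranked"]]


if __name__ == "__main__":
    parsed = parse_rows(NETWORK_TABLE)
    print(summarize(parsed))
    print("\n".join(ioc_lines(parsed)))
```

Run it against the full table to get the complete hit-ranked list; before any of it goes into a blocklist, resolve each address against your own passive DNS or a clean-baseline detonation of the same sandbox image so that the OS's background destinations drop out.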
Files
N/A