General

  • Target

    1690e6dc209cf184d37b9ab4a7a66a291ae7c1e045df91c19c5036ba90b3e251

  • Size

    37KB

  • MD5

    e95b96c3cdd316f1be76a3ad746f63bc

  • SHA1

    63fbf324525828bb464cb2f9b793ca29bb83e9d5

  • SHA256

    1690e6dc209cf184d37b9ab4a7a66a291ae7c1e045df91c19c5036ba90b3e251

  • SHA512

    f6b55de10ef749fad45ef5f4e820f63e42285f94c0239dec9d049d0bd81c30ad242254e475ac33260e09b5d47e674e3e17fb73587b7220bfa9aa705dbb54f89c

  • SSDEEP

    768:Q41V8UHIm2fyyr96/SNxoZC/OFYbmVvP0rhAuCzL+rZhgbtuPja1xDiMxy:QefIZfdMexoGvmQhARarEMoxDi0y

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

40000

C2


Attributes
  • base_path

    /uploaded/

  • build

    250240

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • 1690e6dc209cf184d37b9ab4a7a66a291ae7c1e045df91c19c5036ba90b3e251
    .exe windows x86

    a225a198dd77b77924eb15a705beb665

