Overview

overview

10

Static

static

10

file01.ps1

windows7-x64

10

file01.ps1

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    file01.ps1

  • Size

    753KB

  • MD5

    0143ce12f690aaff66f6254f746ca3f9

  • SHA1

    3cf0c1e051439abcbe9e44c1c75e51305f1b77ea

  • SHA256

    780474d08985c7693325b6541c82b13075db01aeb4de2a113e88afd4cc4ba5cd

  • SHA512

    e0308161c4859f8cddb3b6a44864b852c519725b03b025bbdcc0384abfb25053d58499b165be5a41726728e3c8405eaa44784809ce08595231c54e2dad62739d

  • SSDEEP

    1536:Vwwq2KKIkb1O7RSanp5cuaZRiLccsunDiJhRs7HI1xXYWLOx+4G+gW7+wjrNEaDw:VV

Score
10/10
10101gozi_ifsb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10101

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • exe_type

    worker

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Files

  • file01.ps1
    .ps1