Overview

overview

10

Static

static

10

c0.exe

windows7-x64

1

c0.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    116s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-09-2022 13:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c0.exe

  • Size

    37KB

  • MD5

    e1f3b1b510e7c2d9c5606e524d20ed4b

  • SHA1

    b61b6575974fd8e427a0bf15970d99a4b4dd8440

  • SHA256

    c0e28d4e88c59688657c839c344e6c1289002ef0ba461ebbf3cd4b75949312e9

  • SHA512

    50dbd2a22a2ee38a3be7163a539dc9d584a471eef8e443441fbbc48ffe58b35bddbe3256d21c71ea004688058e37e0692fa565f5a2c7a3c1c84910c5b39b4179

  • SSDEEP

    768:/QLm41fM01vAIyRCq63goMWPXE2bE/JVMq2LATqeeAeOu2D2wqmLiut:/L41fMSvxACqlaPGhVMq2LpeReOb2Pmr

Score
10/10
gozi_ifsb10103bankertrojan

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\c0.exe
    "C:\Users\Admin\AppData\Local\Temp\c0.exe"
    1⤵
      PID:1556

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1556-132-0x0000000000450000-0x000000000045D000-memory.dmp

      Filesize

      52KB

      Download