Overview

overview

10

Static

static

10

0x000e0000...58.exe

windows7-x64

10

0x000e0000...58.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    47s
  • max time network
    51s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2022 06:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0x000e0000000122f1-58.exe

  • Size

    37KB

  • MD5

    b7ce4f9f6ecd85bb5edbb6964226fdb6

  • SHA1

    12b28a42e960dfc522348eba37b00ea74a0df527

  • SHA256

    bf5845a6b0df356338cc4ae53dd2cdefcb114bd95f351e55fd430cee5408ffeb

  • SHA512

    1f5588d5b0816bbfc51394f434a9a80a96c68b66ca86a6a3cd53d64bf6a63751902c5f782a15522749231022c2695c6df7fbc604ae1d242f21554269f6d31e86

  • SSDEEP

    768:7QLm41fM01vAoyRdq63goMWPXE2bE/JVMq2LATqeeAeOu2D2wqmLiuU:7L41fMSvVAdqlaPGhVMq2LpeReOb2Pmm

Score
10/10
gozi_ifsb10103bankertrojan

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\0x000e0000000122f1-58.exe
    "C:\Users\Admin\AppData\Local\Temp\0x000e0000000122f1-58.exe"
    1⤵
      PID:1060

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1060-54-0x0000000000030000-0x000000000003D000-memory.dmp

      Filesize

      52KB

      Download