General
-
Target
2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked_dropper
-
Size
367KB
-
Sample
221027-abz74aabbr
-
MD5
45c3677c1f85d800c5ff3d0783bc0472
-
SHA1
38b7e90f6c5bd955a6d14d5b9f86fb22e9cc8020
-
SHA256
217831226a3f69dc927d01f6696315294fcf7c9738ba9955bdbffbd9076ea0aa
-
SHA512
eee6f4f7e6fc1975b1383e785fb638ee190b3692edb005cd094eada268954d7daea77e229f2a7928be3a01b04152f476293f02db5693776a70a03b9a76b839eb
-
SSDEEP
6144:UvBWQQqJizCS6EEXMvZyRC7YmqY28nzXLFy9wvK7SEg7b03oW8rykdvuj5dS17ui:U5WQBE8FX+ZZ77qYBgKv4Xg5RryGWldY
Behavioral task
behavioral1
Sample
2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked_dropper.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked_dropper.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
gozi_ifsb
10008
jscallowallowallowjcli.me
disallowjscuserallow.pw
-
build
215801
-
dga_base_url
z1.zedo.com/robots.txt
-
dga_crc
0x246640bb
-
exe_type
worker
-
server_id
12
Targets
-
-
Target
2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked_dropper
-
Score
3/10