General

  • Target

    25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061_unpacked_x64

  • Size

    365KB

  • MD5

    7f3bb08e029327bf72614a321d168fc5

  • SHA1

    11318142a225eeb3df6800123318a89128cbd64f

  • SHA256

    315208c0c02409b64d45dbc1e09588e1fda3ff2a0919c118aa927e8168206881

  • SHA512

    06a541ee3e3504300d4448ac9d1ff9086f5bd887df278376d5c518ccf4ab295aa399e16bc984b306e11e55d63ede18860371cd38548512d1f8c2b682db05df4e

  • SSDEEP

    6144:FpCXhArO/UtJ3CAa2oyd8JBglTn3C0nt6e2J62hv4QpoHo0BpqnBVKXClZ5L:FpXrOM/Ha2oyd8YTn3CpP6IgQpoHo0Bk

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

2002

C2

test1.ru

Attributes
  • build

    216843

  • dga_base_url

    opensource.apple.com/source/Security/Security-29/SecureTransport/LICENSE.txt?txt

  • dga_crc

    0x6f0b167a

  • exe_type

    worker

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • 25bdab9cf1c2dbb6e96e1b0797a4facaa0c3469164f1653328e4357fb421e061_unpacked_x64
    .dll windows x64

    febad635625fa5051db98cca6e832f1d


    Headers

    Imports

    Sections