General
-
Target
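2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked
(Note: the hash embedded in this file name is not the SHA256 listed below for the analysed file; given the `_unpacked` suffix it presumably identifies the original packed sample. Match on the hashes below when searching for this exact file.)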
-
Size
261KB
-
Sample
221027-abzxbsabbq
-
MD5
b05251161738b4bc6dee62aa4f21665f
-
SHA1
8ff24b1184e51f2ae864f70114428692b636eaf0
-
SHA256
def9435b8197bb085d459e4dab6e34205e8e99e8c4c7a04de97a0b8a16458893
-
SHA512
60e336088f71a6eb8430faefd7b40068de94c9b554a70332f28d9f24a9416ff950ce65dbb1572d1206084feb5b8f67e81f32fc3cc583058106f712edab593fca
-
SSDEEP
6144:/t6K00pbSzCcqlalSwHnFZkCN5BQfccGjlrwxce4GjE:k8pb0Ccqgl/FXN5BxVrwxcm
Behavioral task
behavioral1
Sample
2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked.dll
Resource
win7-20220812-en
Malware Config
Extracted
gozi_ifsb
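10008
(field label lost in this extract; presumably the botnet/group ID of the gozi_ifsb configuration)
jscallowallowallowjcli.me
disallowjscuserallow.pw
(the two domains above carry no label in this extract; presumably the C2 hosts from the extracted configuration)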
-
build
215801
-
dga_base_url
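z1.zedo.com/robots.txt
(per the field name, this is the base URL used by the domain-generation algorithm, not one of the configured domains listed above; verify its role before treating it as a blocking indicator)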
-
dga_crc
0x246640bb
-
exe_type
worker
-
server_id
12
Targets
-
-
Target
2952a6ad1ba0a56ea176672f3ec9b1ad8a92836839dc51f592eb253db60c96af_unpacked
-
Size
261KB
-
MD5
b05251161738b4bc6dee62aa4f21665f
-
SHA1
8ff24b1184e51f2ae864f70114428692b636eaf0
-
SHA256
def9435b8197bb085d459e4dab6e34205e8e99e8c4c7a04de97a0b8a16458893
-
SHA512
60e336088f71a6eb8430faefd7b40068de94c9b554a70332f28d9f24a9416ff950ce65dbb1572d1206084feb5b8f67e81f32fc3cc583058106f712edab593fca
-
SSDEEP
6144:/t6K00pbSzCcqlalSwHnFZkCN5BQfccGjlrwxce4GjE:k8pb0Ccqgl/FXN5BxVrwxcm
-