General

  • Target

    42923683022f255205e9e0269abf1d6d676b4b4dfa4afec040fb4b21c24e0676_unpacked_x64

  • Size

    213KB

  • MD5

    513789aa7df7e5e4946db3abebae67d9

  • SHA1

    e3c5dafdd760ce784db60f4246f6fa03f6d658d2

  • SHA256

    2d9b9de594b0e492d22258446ddf99e3962cfd5024345702aa3070a5d77e4c60

  • SHA512

    f471bbe3e0d7a33f28e868c563ccb526713a514c7b8afbc38817c8a7b5bda16cb7ea2303cbbf5eb72902c64ff3344eae632bc098185c99877102909f24866e95

  • SSDEEP

    3072:HUaaULsZBelnhgJjGCL0pYQjI383dyUtq2sbtlroFeq+io3iIDPCiZpFip:HNaULUBelhgQCL0aVedyn5po8q+iSCp

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1001

Attributes
  • build

    215840

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • exe_type

    worker

  • server_id

    93

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • 42923683022f255205e9e0269abf1d6d676b4b4dfa4afec040fb4b21c24e0676_unpacked_x64
    .dll windows x64

    e75003ca3315f20cb9f243b8f927e406


    Headers

    Imports

    Sections