General
Target: 1dca2b5476755d8ab4c532734143cc36b4d6e6677c680fe8a2ef75fb16991c5a
Size: 224KB
Sample: 221128-r8x8fafe5x
MD5: 41c32f13099b45d1978ce7a7c4a8660e
SHA1: 0965eaef20dafadd2fc95e107f826fc9e9d94fbe
SHA256: 1dca2b5476755d8ab4c532734143cc36b4d6e6677c680fe8a2ef75fb16991c5a
SHA512: 90372f75c55fc279a71ec17417341207e31afa9721c1ef864daa63e31cbc5ffd623b7746bb8cbaf2e8a6cb8a8dcb83e39503eefb6881c3decd33214ccd170f91
SSDEEP: 6144:wD34rK1f1yB4us/oUAv+sOGqc6c52/xl1IiF5I6cY8E3E:e34rK1fs4uhUR5GqcyLZ5I6cYj3
Static task: static1
Behavioral task: behavioral1
Sample: 1dca2b5476755d8ab4c532734143cc36b4d6e6677c680fe8a2ef75fb16991c5a.exe
Resource: win7-20220812-en
Malware Config
Extracted
gozi
Extracted
gozi
1000
arloeiffg.com
deburma.com
exe_type: worker
server_id: 12
Targets
Suspicious use of SetThreadContext