General
Target: 60e56ff40a3f53385faed68011dba9e70e63899a91e821527fed3ba8c79d3e4c
Size: 908KB
Sample: 221130-rdeslsaf6x
MD5: cee291306818412f879ab3df22ad1126
SHA1: 33f53bc68ece6e129dee0f7f1eb1db43070ff2d0
SHA256: 60e56ff40a3f53385faed68011dba9e70e63899a91e821527fed3ba8c79d3e4c
SHA512: a6428e9a8838ce4e5958a64c531dd29b47adc575eb4f3415eeed261f7da43c6f60badd1d5c1bafd6c4fe2add11a30a13cc03d2d8575db5e85b19ca49bfff9596
SSDEEP: 1536:tV7RSS9YSCSISCShSCSxAGzsCTXYtFBo45GQG770gSvc1RIVLmyLmRgRLuLkutb+:JuAGBTYzGHsNv6xgRK4VljQaeA
Behavioral task
behavioral1
Sample: 60e56ff40a3f53385faed68011dba9e70e63899a91e821527fed3ba8c79d3e4c.exe
Resource: win7-20220812-en
Malware Config
Extracted
gozi
build: 300854
Extracted
gozi
202004141
https://devicelease.xyz
build: 300854
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
server_id: 12
url_path: index.htm