General
-
Target
f8a1d78eb7691f90053a5d7ad70588bed4c4a5cdd7bc949c368d8c2bc62f95c4.bin.dll
-
Size
802KB
-
Sample
230718-s8rw4acf4t
-
MD5
1ff3761d62cc5ee7c888a8c1bdd9d1ac
-
SHA1
093cb13d256ff3e367cc8c60fe68f96582a35f29
-
SHA256
f8a1d78eb7691f90053a5d7ad70588bed4c4a5cdd7bc949c368d8c2bc62f95c4
-
SHA512
ada337d5aabdae0eb14001e44c56f5be72aa9aafb27a45f61356e0be9f4a0f96dd55d5dfa71cce674f856609af315007ab3ebb5af9daebde6d446912535547af
-
SSDEEP
12288:/+WNeJLmTo/dgvHKRNR7PlB5D9Di/2ytQLP647vpvWhRodzXo/fGRAkMwFroD:/+Q46To/dgPOVP35ZWrs6kvonx6o
Static task
static1
Behavioral task
behavioral1
Sample
f8a1d78eb7691f90053a5d7ad70588bed4c4a5cdd7bc949c368d8c2bc62f95c4.bin.dll
Resource
win7-20230712-en
Malware Config
Extracted
gozi
20000
http://45.11.182.38
http://79.132.130.230
https://listwhfite.check3.yaho1o.com
https://lisfwhite.ch2eck.yaheoo.com
http://45.155.250.58
https://liset.che3ck.bi1ng.com
http://45.155.249.91
-
base_path
/zerotohero/
-
build
250260
-
exe_type
loader
-
extension
.asi
-
server_id
50
Targets
-
Blocklisted process makes network request
-