General
Target: 3939.dll
Size: 803KB
Sample: 230718-t2hkhsda7x
MD5: 79c68cde8f43d762c4ecb97d359fc9c4
SHA1: 05b04bc2e3a9c406b37fa7ba4c4b70deacae8b16
SHA256: f08827fd5dba2f6ffda8f931b5f2e1c18012b74ed753ea76a0a511e095eb1648
SHA512: c6e261544ea80b982397d42a80023ea20694bb7296284e6ab77fc7615af64c2d14b39187088c26e5536cbe435eac9f89297ad85b2513cbe97d5bf380e253ebef
SSDEEP: 12288:OU+W2RNfboq2Fxto4obJj6eO/VTzFGF1d3Of1ZB4kd8AzVhml7wIKHaP:p+TNfsq239obV6pNXIF1sN4kdJmpO6P
Static task: static1
Behavioral task: behavioral1
Sample: 3939.dll
Resource: win7-20230712-en
Malware Config
Extracted
gozi
20000
base_path: /zerotohero/
build: 250260
exe_type: loader
extension: .asi
server_id: 50
Targets
Target: 3939.dll
Blocklisted process makes network request
-