General
-
Target
12123834144.zip
-
Size
132KB
-
Sample
231004-t3a7tsda6z
-
MD5
501be31724a9cc7db6478729121f4c86
-
SHA1
43d2c2b5ec2dfcbd29b44e4d1fe2bf785a70b387
-
SHA256
c0d87b1aabfebda3315eb5958eccd912c7511577f386a03116853b9108aab6c4
-
SHA512
810f1efdd02cc6c89958c5c9cba39c82992a6b669279845b2c241407f518b864dee65d12fa3c2a4b71818b0d6ff7632a827e16a9da8ec3f45334fba4769c61d0
-
SSDEEP
3072:QpnhPOt8C8iY0Ij9Dag8B2Eb14rE5vHlA30Bv:wlS8C8i9IjEpuEhHzv
Behavioral task
behavioral1
Sample
dc641a85150af5ede0e9a4ab23144a578889bbee7163addf9e97b5fab7d09fc8.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
dc641a85150af5ede0e9a4ab23144a578889bbee7163addf9e97b5fab7d09fc8.dll
Resource
win10v2004-20230915-en
Malware Config
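Extracted
Family
gozi
Botnet (label lost in extraction; presumably the config's botnet/group ID)
2000
C2 (hostnames and IP addresses as listed in the extracted config; the hostnames sit under mozilla.net with misspelled labels such as "trackingg" and "protectioon", so match them as full hostnames rather than by parent domain)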
trackingg2-protectioon.cdn4.mozilla.net
109.230.199.185
trackingg3-protectioon.cdn5.mozilla.net
185.212.44.249
trackingg4-protectioon.cdn5.mozilla.net
194.76.225.37
trackingg5-protectioon.cdn1.mozilla.net
194.76.224.181
trackingg-protectioon.cdn1.mozilla.net
194.76.225.164
trackingg3-protectioon.cdn6.mozilla.net
185.158.251.205
trackingg-protectioon.cdn2.mozilla.net
185.189.149.216
trackingg5-protectioon.cdn3.mozilla.net
185.158.249.54
trackingg-protectioon.cdn4.mozilla.net
185.212.44.130
trackingg1-protectioon.cdn5.mozilla.net
37.10.71.83
trackinggs-trackingg-protectioon.cdn4.mozilla.net
trackingg-protectioon.cdn5.mozilla.net
-
base_path
/fonts/
-
exe_type
worker
-
extension
.bak
-
server_id
50
Targets
-
-
Target
dc641a85150af5ede0e9a4ab23144a578889bbee7163addf9e97b5fab7d09fc8
-
Size
228KB
-
MD5
5f9e95dd1bac0978260e4ffc091b0fcf
-
SHA1
6c3a2a5879b021cfa9a788a6ce1f997f86e9d297
-
SHA256
dc641a85150af5ede0e9a4ab23144a578889bbee7163addf9e97b5fab7d09fc8
-
SHA512
e3c0b5c0cae5cbc64afd728db2b5f89ea4b2611c6d2ecde9f094efb9429657d83fa235cc0b2664b94da0872e5e833dc267c50dd6fbe4b54905357c24dced3eb5
-
SSDEEP
3072:3lfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqA9w5VgCK5hcjRlxJFoc:3lDosEPR66q9KgylInd6oqA9D5InFoc
Score
1/10