Analysis
max time kernel
141s
max time network
129s
platform
windows7_x64
resource
win7-20230831-en
resource tags
arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
submitted
12-10-2023 12:21
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
scarica.exe
Resource
win7-20230831-en
windows7-x64
1 signatures
150 seconds
General
Target
scarica.exe
Size
215KB
MD5
24b7a0d1103f1cd63d5c50a306c28a25
SHA1
11a7929ac6e59f47c8c2f8d47e4fae752a0f70fc
SHA256
4151f81469e5278e9381d10485efbe66e4ca5d8c2f863aa4c3df8e577dc96614
SHA512
549d24fc6b00e0a62930712063b96318f8aa31e5cac5c870582b7a04d9716f87ca0291f6e51a3dfe1e943ea9ef9f6ec68d181a2b44879f6039c4014d18181e54
SSDEEP
3072:aAX04aiteLTH/KeF6JLg6l8qtm0TzXDJaqzy7dU5TqSITtyl:P04FteLjyeF6WAQyTJzy7d+qSITk
Malware Config
Extracted
Family
gozi
Extracted
Family
gozi
Botnet
5050
C2
https://avas1ta.com/in/login/
192.121.22.216
http://mimemoa.com
Attributes
base_path
/jerry/
build
250260
exe_type
loader
extension
.bob
server_id
50
rsa_pubkey.plain
aes.plain