General
Target: d8b549e78f60995f845d3440e1fd50a6
Size: 701KB
Sample: 231220-syd79aahc5
MD5: d8b549e78f60995f845d3440e1fd50a6
SHA1: 470e30ffc713396d101949dffeed025e7083919d
SHA256: f73b0df56a13548f550be8e48e49209979e7d6256b477d6bc5cd1456c1fb5da1
SHA512: 7b9fe78042fe09cf7c1f13d5eca24d2302b9cd324894f8be0ad2b63278aa76a41ae0917edd4e7e7b0df234756510f8849c5c10d7c2f23c86519cc64b4f110c37
SSDEEP: 12288:HUAQSxb6fDEr8Np6b/rPPsjosrS9aEoe+0JCym+4YJAOSVUNcuHIGF4uW/XrGAsB:Hz3xb6fq8Np6bTPPaBreaZlYCOSVol22
Static task: static1
Behavioral task: behavioral1
Sample: d8b549e78f60995f845d3440e1fd50a6.dll
Resource: win7-20231215-en
Malware Config
Extracted
gozi
8899
msn.com/mail
breuranel.website
outlook.com/signup
areuranel.website
base_path: /liopolo/
build: 260212
dga_season: 10
exe_type: loader
extension: .jre
server_id: 12
Targets
Target
d8b549e78f60995f845d3440e1fd50a6
Blocklisted process makes network request