General
Target: accd0619d4a388334dbb9db70b4b2ea9
Size: 368KB
Sample: 231222-q3aphsecb7
MD5: accd0619d4a388334dbb9db70b4b2ea9
SHA1: e60d9184b85fa02094552282db4c7cf9f85c59d9
SHA256: 23e2fcbf22fd61aee484d6d03e6bb8681ac787e333600ba837b44bfaeda8ca4d
SHA512: 2b17239af22ad3d1188757784033c010b1db680c31f53eb7bba4a8a75e35b0543b347fba4e85b1718aa4c8f1739dffd540cfb783ede5367a775343b81b80af43
SSDEEP: 6144:PpW5yM4eF6MOl7SfFPFY0Hi1PkZkWM6ge2X4sCC8rJpD9jM:PQ5yB78fFPTHi1Pku6gbIsC3FvM
Static task: static1
Behavioral task: behavioral1
Sample: accd0619d4a388334dbb9db70b4b2ea9.dll
Resource: win7-20231215-en
Malware Config
Extracted
gozi
8877
outlook.com
lureborufer.store
dureborufer.store
base_path: /lucene/
build: 250212
dga_season: 10
exe_type: loader
extension: .keq
server_id: 12
Targets
Target: accd0619d4a388334dbb9db70b4b2ea9
Blocklisted process makes network request