General
-
Target
9f2d1eac635d636c11bf0fd605992a2e
-
Size
368KB
-
Sample
231222-qkt1fafhak
-
MD5
9f2d1eac635d636c11bf0fd605992a2e
-
SHA1
f37e51b7b6284cec35eb85e08afb7767daf48809
-
SHA256
5d336e893274c83da23395821010210aeaa44b28fca63c352fc3292502b582ea
-
SHA512
7cefbbae07b6c57301da08d6b9cc2e8530c46bd6d5045c3e49686e0b3429ac2ebb19350edfcc80de3c2551a63cefe939f7271390be333d4362a2158cf804dbed
-
SSDEEP
6144:9pW5yM4eF6MOl7SfFPFY0Hi1PkZkWM6g/2X40CC8rJpDNjM:9Q5yB78fFPTHi1Pku6guI0C3FTM
Static task
static1
Behavioral task
behavioral1
Sample
9f2d1eac635d636c11bf0fd605992a2e.dll
Resource
win7-20231215-en
Malware Config
Extracted
gozi
8877
outlook.com
lureborufer.store
dureborufer.store
-
base_path
/lucene/
-
build
250212
-
dga_season
10
-
exe_type
loader
-
extension
.keq
-
server_id
12
Targets
-
-
Target
9f2d1eac635d636c11bf0fd605992a2e
-
Blocklisted process makes network request
-