General
Target: 7fb81b98bb77b54c2f69ab7c19d8bc25
Size: 605KB
Sample: 240129-nhp8csgfc4
MD5: 7fb81b98bb77b54c2f69ab7c19d8bc25
SHA1: bfd82e8164088d905576f66f2010e5f1fb1e892f
SHA256: 6700cc014e9ef5473a909a0c10d644661ccd0750ca942abd458cec91e32bf551
SHA512: 6a42a3b31cdd34436f92f6eeb29e968a81cde00a69adcae8174231faa9bc7e9ec0f5d4a5f419591cb425ddff936f11a6493310f24f8f3ea83f3993e07996efb5
SSDEEP: 12288:/edbxfx8d3fbkRXgeSVpZJosJe9ln3KuUliVjjP:/e3fYYRk/Xw9t3KniV
Static task: static1
Behavioral task: behavioral1
Sample: 7fb81b98bb77b54c2f69ab7c19d8bc25.dll
Resource: win7-20231215-en
Malware Config
Extracted
gozi
Extracted
gozi
1001
yahoo.com
bogoleruno.website
gogoleruno.website
base_path: /gksadk/
build: 250212
dga_base_url: constitution.org/usdeclar.txt
dga_crc: 0x4eb7d2ca
dga_season: 10
dga_tlds: com, ru, org
exe_type: loader
extension: .fre
server_id: 12
Targets
Target: 7fb81b98bb77b54c2f69ab7c19d8bc25
Blocklisted process makes network request