General

  • Target

    5fa905dfe500d33732b09befc6154196dd3b87f67f6c6ff8b65979fb0761a16c

  • Size

    60KB

  • MD5

    76cc86145c143c3ef65c1cc8bdfa15b5

  • SHA1

    20da8825ead10eb88a927f8819d4c2ee38fcf04f

  • SHA256

    5fa905dfe500d33732b09befc6154196dd3b87f67f6c6ff8b65979fb0761a16c

  • SHA512

    8e44c1193f0278a6f494137603dc2e803c3728db0f8127124f1f3671a66e18872349afe426bd84ea7d8b9c1a77addb9897c58ba8c34c65e16a4375dcf1e8127d

  • SSDEEP

    1536:CJvk0zQnUqlalX2BadidGFavPAxChyPBlxxsQVcsGQc1UUWvTWxWL+4/KxCEwW9y:evk0zQnUqlal+adidGFavPAxChyPBlxX

Score
10/10

Malware Config

Extracted

  • Family

    gozi

  • Botnet

    4780

  • C2

    microsoft.com

    avast.com

Attributes
  • build

    214084

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Signatures

Files

  • 5fa905dfe500d33732b09befc6154196dd3b87f67f6c6ff8b65979fb0761a16c