General

  • Target

    a353dfb1b5eb69808244356cf9a784181c53eea2cb3f254749fa19c307c30cfc

  • Size

    68KB

  • Sample

    210331-z7jqder97n

  • MD5

    08872d5cfea82b5e0ccbea0392013acc

  • SHA1

    fff6a5844df8e60213214fbbe687e86fd2d34a93

  • SHA256

    a353dfb1b5eb69808244356cf9a784181c53eea2cb3f254749fa19c307c30cfc

  • SHA512

    34232c94f92f491f0ee73717a4ca4df339adc74ff0bf2b1e7fe24d4f4ba015dba7f91b03c2becfa196d32967d0ab204086a894b26d43f251a96cbbe1563b8ede

Score
10/10

Malware Config

Extracted

Family

gozi_rm3

Botnet

40000

C2

https://daycareforyou.xyz

Attributes
  • build

    300854

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      a353dfb1b5eb69808244356cf9a784181c53eea2cb3f254749fa19c307c30cfc

    Score
    1/10
