General

  • Target

    e8a3c694fc39f2fc11cc98a039092d9c.dll

  • Size

    937KB

  • Sample

    210524-6q8hht9xj6

  • MD5

    e8a3c694fc39f2fc11cc98a039092d9c

  • SHA1

    5a997bcf52469b57823d7aa171a2d6debc70800b

  • SHA256

    31f3e3dff9f4a1c67b4358b3dea34a4c1ad3ad98f5d58006071ec82543d7ed08

  • SHA512

    ec1a1c3991c3b9c9b923b9ce1799fdf6bcff5e0e7c64fcff95892f001b4cac244eaf1fe84410e418f7dafce301fe08df9f95af1b88d01576e51fc7e438feea47

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

app3.maintorna.com

chat.billionady.com

app5.folion.xyz

wer.defone.click

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain

Targets

    • Target

      e8a3c694fc39f2fc11cc98a039092d9c.dll

    • Size

      937KB

    • MD5

      e8a3c694fc39f2fc11cc98a039092d9c

    • SHA1

      5a997bcf52469b57823d7aa171a2d6debc70800b

    • SHA256

      31f3e3dff9f4a1c67b4358b3dea34a4c1ad3ad98f5d58006071ec82543d7ed08

    • SHA512

      ec1a1c3991c3b9c9b923b9ce1799fdf6bcff5e0e7c64fcff95892f001b4cac244eaf1fe84410e418f7dafce301fe08df9f95af1b88d01576e51fc7e438feea47

MITRE ATT&CK Matrix

Tasks