General

  • Target

    Software Two Pty Ltd

  • Size

    279KB

  • Sample

    210525-578q7k73ej

  • MD5

    e51e8d553d497180c028cbd9b3123d32

  • SHA1

    902d5707d5e8d6d4e6f6e60e1b95aea5609723c6

  • SHA256

    8f6b3ca7b7afd249f3fc68f7ff2ce5ca5a206c2a1d123b5ac3aa28bf7f1eabd8

  • SHA512

    5ed08018b744233fd72f3c283b55e3809cc628e6d82edcbdf6f9ae6170c6e20faa8fc499d0949fc68695f98d757701418247b955f261a95bf7b6dc31b155f437

Malware Config

Extracted

Family

gozi_rm3

Botnet

202105141

C2

https://robonight.xyz

Attributes
  • build

    300968

  • exe_type

    loader

  • non_target_locale

    RU

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      Software Two Pty Ltd

    • Size

      279KB

    • MD5

      e51e8d553d497180c028cbd9b3123d32

    • SHA1

      902d5707d5e8d6d4e6f6e60e1b95aea5609723c6

    • SHA256

      8f6b3ca7b7afd249f3fc68f7ff2ce5ca5a206c2a1d123b5ac3aa28bf7f1eabd8

    • SHA512

      5ed08018b744233fd72f3c283b55e3809cc628e6d82edcbdf6f9ae6170c6e20faa8fc499d0949fc68695f98d757701418247b955f261a95bf7b6dc31b155f437

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

1
T1112

Tasks