General

  • Target

    c887b7b0ad16d35114d83e25f723f3c9.dll

  • Size

    937KB

  • Sample

    210528-drt9gm6ggn

  • MD5

    c887b7b0ad16d35114d83e25f723f3c9

  • SHA1

    9e9c1836ef0a0a4e089a643123d1ab77624d2e80

  • SHA256

    7d2d2b783767c912afd95995db9c019b2791eed1c812c90c266353ac372e1fa7

  • SHA512

    7456c2c6c9c39c01c56b316af9da8a19a376acac22cab4a10a473407d2681cec424e1d0eee17332aab8e4b73f53d9f5d06c4d198c2b26bb56c0a75927cd3b7c7

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

app3.maintorna.com

chat.billionady.com

app5.folion.xyz

wer.defone.click

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain
