General

  • Target

    shorefront.eps

  • Size

    384KB

  • Sample

    210603-98bdpq79sj

  • MD5

    b3526bc3c4a61f9f09ac31ee9a5fc8a5

  • SHA1

    d92ac3fa9cca4ed8273111f767e24d8f53896787

  • SHA256

    f4a464c2e5f14cd4c391a9b5ba60deca36ccaa6c1503a097eeb0c5070945d1fb

  • SHA512

    0583e811619ea1ce40c430436e91b8b216fc509e7c75ed7132fdccc9f52f1828f50dbca6cd4b973090962fe6e8b76e298b0fe43b56ea2485810d4dc52e033fdb

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

app.buboleinov.com

chat.veminiare.com

chat.billionady.com

app3.maintorna.com

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain

Targets

    • Target

      shorefront.eps

    • Size

      384KB

    • MD5

      b3526bc3c4a61f9f09ac31ee9a5fc8a5

    • SHA1

      d92ac3fa9cca4ed8273111f767e24d8f53896787

    • SHA256

      f4a464c2e5f14cd4c391a9b5ba60deca36ccaa6c1503a097eeb0c5070945d1fb

    • SHA512

      0583e811619ea1ce40c430436e91b8b216fc509e7c75ed7132fdccc9f52f1828f50dbca6cd4b973090962fe6e8b76e298b0fe43b56ea2485810d4dc52e033fdb

MITRE ATT&CK Matrix

Tasks