General

  • Target

    1.css

  • Size

    424KB

  • Sample

    210603-djtxv4xev2

  • MD5

    4732648abe7049072850a16f3e6bbe38

  • SHA1

    52cb2e88e951f2576d53104d88adc47e33bca8e3

  • SHA256

    442fdd74d9c1689153b46e6f7da919471461da326911df19e2fa42dd2f43e254

  • SHA512

    a68ab9dc8b8eb166bc6dd1b2144a82444cd316eb3fabcc344f60d593920c557b1ff1fcb692d6e348075c11f8bee199a745c3f2a732adeea0a85d953e2a3bc05d

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

authd.feronok.com

raw.pablowilliano.at

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain

