General

  • Target

    320192b545d3f45fd588b741c30fb2ec.dll

  • Size

    937KB

  • Sample

    210607-3xd2p3sst2

  • MD5

    320192b545d3f45fd588b741c30fb2ec

  • SHA1

    807433d7c1f8c7629ebcafd9d2c4e6797c82ce16

  • SHA256

    2ee0e0b21737b7f9ecc613be83b7ec84560d0770f794a819afe64f54b0e7743b

  • SHA512

    c95b2c2d1f7cdf5950db9bd655965cbacf3b8d383728db3786de404e68f70bec761dc6101ebbf6b0fc0252ec8626a8c5247cce4e5f378c6a63da648364b158c9

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

app3.maintorna.com

chat.billionady.com

app5.folion.xyz

wer.defone.click

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain

Targets

    • Target

      320192b545d3f45fd588b741c30fb2ec.dll

    • Size

      937KB

    • MD5

      320192b545d3f45fd588b741c30fb2ec

    • SHA1

      807433d7c1f8c7629ebcafd9d2c4e6797c82ce16

    • SHA256

      2ee0e0b21737b7f9ecc613be83b7ec84560d0770f794a819afe64f54b0e7743b

    • SHA512

      c95b2c2d1f7cdf5950db9bd655965cbacf3b8d383728db3786de404e68f70bec761dc6101ebbf6b0fc0252ec8626a8c5247cce4e5f378c6a63da648364b158c9

MITRE ATT&CK Matrix

Tasks