General

  • Target

    foo.exe

  • Size

    937KB

  • Sample

    210607-c9q98w9x1x

  • MD5

    69472b10d51de57775b06fdd0ea739b8

  • SHA1

    04f880281e8f9882d1bad06d0882e70d3b126f1a

  • SHA256

    df68cfc319e0788358d0d843faefddfb9103d8010696d729c64b6c2051520b24

  • SHA512

    54e8824c99a3eef1379672a2ddc6ab007a79e69d24ad5e05551c1698b24256265f7cf76b04812ae005ab6562b30b85ed88b5bfbf105ff8d3215e33c6b0487681

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

app3.maintorna.com

chat.billionady.com

app5.folion.xyz

wer.defone.click

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain

Targets

    • Target

      foo.exe

    • Size

      937KB

    • MD5

      69472b10d51de57775b06fdd0ea739b8

    • SHA1

      04f880281e8f9882d1bad06d0882e70d3b126f1a

    • SHA256

      df68cfc319e0788358d0d843faefddfb9103d8010696d729c64b6c2051520b24

    • SHA512

      54e8824c99a3eef1379672a2ddc6ab007a79e69d24ad5e05551c1698b24256265f7cf76b04812ae005ab6562b30b85ed88b5bfbf105ff8d3215e33c6b0487681

MITRE ATT&CK Matrix

Tasks