General

  • Target

    xadar7

  • Size

    388KB

  • Sample

    210610-dtxyxmvh5j

  • MD5

    25c2e1969e16e6832b977cbad8a0d3bb

  • SHA1

    26f454e0fcf8437ec9af2c54f07bdde2d0b2cd7e

  • SHA256

    1fa8b3b4043467e12e94010460c7a141529677390a606299385c35b1d4e30a4c

  • SHA512

    b0ac5766eb14b8e4f021ee3179d41df7398923e10add161890b95f293ec9c1e7b6237c7e72c5481121a15a58d0e36727b7d43a28b2707c13b321446105b6d353

Malware Config

Extracted

  • Family

    gozi_ifsb

  • Botnet

    6000

  • C2

    authd.feronok.com

    app.bighomegl.at

Attributes
  • build

    250204

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.base64
serpent.plain

