Overview

overview

10

Static

static

10

1627c6c0000.dll

windows7_x64

1

1627c6c0000.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1627c6c0000.dll

  • Size

    240KB

  • Sample

    210705-1dhna7j6le

  • MD5

    55362c3915545bdf7e3b8e728331d1ec

  • SHA1

    fc0819f712457036ec4feedc1c171c4ae2edd5fd

  • SHA256

    75fdf8a73aa8c1cf33ec48ad60725aebb8c1258ecd8c9548e8847ec7171addcf

  • SHA512

    e78c3290ca3ecda0454b03dc66e56851325bc8381dd6b8c14588c098ef9f9e7477d1ba0bcce24bd8e7c0fdbbc8ddc1289f7b2f45b2ba81506bae88061469ed59

Score
10/10
gozi_ifsb4500

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

todo.faroin.at

apr.intoolkom.at

r23cirt55ysvtdvl.onion

kas.kargoapp.at

gtk2.jamotbs.at

io.feen007.at

l46t3vgvmtx5wxe6.onion

ad7.finrokab.com

pop.biopiof.at

free.monotreener.com

tbs.fertolir.at

app.flashgameo.at
Attributes
  • exe_type

    worker

  • server_id

    580

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      1627c6c0000.dll

    • Size

      240KB

    • MD5

      55362c3915545bdf7e3b8e728331d1ec

    • SHA1

      fc0819f712457036ec4feedc1c171c4ae2edd5fd

    • SHA256

      75fdf8a73aa8c1cf33ec48ad60725aebb8c1258ecd8c9548e8847ec7171addcf

    • SHA512

      e78c3290ca3ecda0454b03dc66e56851325bc8381dd6b8c14588c098ef9f9e7477d1ba0bcce24bd8e7c0fdbbc8ddc1289f7b2f45b2ba81506bae88061469ed59

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks