Overview

overview

10

Static

static

10

266ca400000.dll

windows7_x64

1

266ca400000.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    266ca400000.dll

  • Size

    240KB

  • Sample

    210705-flshnw8jq6

  • MD5

    27ec5f8b0e5261730e05e1c676cfbbab

  • SHA1

    55ca479b6cfd0b1f3686f377c7f7f3f557df962d

  • SHA256

    3c40fb804d63208df19cc7403acff06b9912a5998708bd63cfc94f9bb11ac99d

  • SHA512

    bdfa475d6210a173261650386a8c3494bd8770b5f2dd0d81bfdbb17844d39d7b9c72ea3ca22cdb38ab02e5453a65c1aba97ff93099e18779528c953ca0ace866

Score
10/10
gozi_ifsb4500

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4500

C2

todo.faroin.at

apr.intoolkom.at

r23cirt55ysvtdvl.onion

kas.kargoapp.at

gtk2.jamotbs.at

io.feen007.at

l46t3vgvmtx5wxe6.onion

ad7.finrokab.com

pop.biopiof.at

free.monotreener.com

tbs.fertolir.at

app.flashgameo.at
Attributes
  • exe_type

    worker

  • server_id

    580

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      266ca400000.dll

    • Size

      240KB

    • MD5

      27ec5f8b0e5261730e05e1c676cfbbab

    • SHA1

      55ca479b6cfd0b1f3686f377c7f7f3f557df962d

    • SHA256

      3c40fb804d63208df19cc7403acff06b9912a5998708bd63cfc94f9bb11ac99d

    • SHA512

      bdfa475d6210a173261650386a8c3494bd8770b5f2dd0d81bfdbb17844d39d7b9c72ea3ca22cdb38ab02e5453a65c1aba97ff93099e18779528c953ca0ace866

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks