General

  • Target

    c2e9d4e5f411ee8a6334bcd98a69322fc34b8ca804ed057f7a462e147971b26a

  • Size

    880KB

  • Sample

    210910-hq291ahfc8

  • MD5

    093d1ffcdf039a3051211d3891c47324

  • SHA1

    cb14ef4429ff9f0897d6877c246cc685f48d643b

  • SHA256

    c2e9d4e5f411ee8a6334bcd98a69322fc34b8ca804ed057f7a462e147971b26a

  • SHA512

    8fe1d03b831f141baf8d484f1303dd5a27cdf2c451eb185574852de138123fc203183a905207a96ac33adf12b7bfc8bf2dd74b6410f2fe0c982f2b81389bc106

Malware Config

Extracted

Family

gozi_rm3

Attributes
  • build

    300981

Extracted

Family

gozi_rm3

Botnet

202108021

C2

https://haverit.xyz

Attributes
  • build

    300981

  • exe_type

    loader

  • non_target_locale

    RU

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
aes.plain
