General

  • Target

    df0bf86d1a5c41d92c6786c3b79e52f7f271cb453c0cbfc02a5cebbbe7f37e0c

  • Size

    880KB

  • Sample

    210910-k116sschcq

  • MD5

    256a49dad0f6734e98536acbc5376ac5

  • SHA1

    333f64666869d6e47d8fc76375f7e8610abaf549

  • SHA256

    df0bf86d1a5c41d92c6786c3b79e52f7f271cb453c0cbfc02a5cebbbe7f37e0c

  • SHA512

    7bed94bcf9e1cc68bd8daa09a9e7224c42d1787e2c8acd7fbff5fd275ce957a79cf04d31fd4235989acde7836497727552be91ec6720ac36f799c8f46adbd3d3

Malware Config

Extracted

Family

gozi_rm3

Attributes
  • build

    300981

Extracted

Family

gozi_rm3

Botnet

202108021

C2

https://haverit.xyz

Attributes
  • build

    300981

  • exe_type

    loader

  • non_target_locale

    RU

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
aes.plain

Targets

    • Target

      df0bf86d1a5c41d92c6786c3b79e52f7f271cb453c0cbfc02a5cebbbe7f37e0c

    • Size

      880KB

    • MD5

      256a49dad0f6734e98536acbc5376ac5

    • SHA1

      333f64666869d6e47d8fc76375f7e8610abaf549

    • SHA256

      df0bf86d1a5c41d92c6786c3b79e52f7f271cb453c0cbfc02a5cebbbe7f37e0c

    • SHA512

      7bed94bcf9e1cc68bd8daa09a9e7224c42d1787e2c8acd7fbff5fd275ce957a79cf04d31fd4235989acde7836497727552be91ec6720ac36f799c8f46adbd3d3

MITRE ATT&CK Enterprise v6

Tasks