gozi_ifsb | 1b13ca64d43c95a3e8fea7a7c41fab2d1a0bcfe80575145d4342c3672428f307 | Triage

Sharing

General

Target

8.dll
Size

223KB
Sample

210920-mmn1esdga7
MD5

743e07c4c2ccb80ab58c041d6388e685
SHA1

c5af42bab5d14e63c1cc257989ad25337c8f137e
SHA256

1b13ca64d43c95a3e8fea7a7c41fab2d1a0bcfe80575145d4342c3672428f307
SHA512

23959febacae4a6403c691f69e2dcc2039d443197eecb274cad4a9ba0d93f79dc4aa27f992564e91242f77c7e43fa71dafb87d2b16311d0406ba3cd1bf2011ea

Score

10^/10

gozi_ifsb 8877

Malware Config

Extracted

Family

gozi_ifsb

Botnet

8877

C2

microsoft.com/blog

193.239.84.205

193.239.84.206

193.239.84.207

kloooplooloaaa.nl

jdkloooqppwopppp99.nl

claritymodules.nl

Attributes

dga_season
10
dns_servers
107.174.86.134
107.175.127.22
exe_type
worker
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  8.dll
- Size
  
  223KB
- MD5
  
  743e07c4c2ccb80ab58c041d6388e685
- SHA1
  
  c5af42bab5d14e63c1cc257989ad25337c8f137e
- SHA256
  
  1b13ca64d43c95a3e8fea7a7c41fab2d1a0bcfe80575145d4342c3672428f307
- SHA512
  
  23959febacae4a6403c691f69e2dcc2039d443197eecb274cad4a9ba0d93f79dc4aa27f992564e91242f77c7e43fa71dafb87d2b16311d0406ba3cd1bf2011ea
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2