gozi_ifsb | f4c17ac1e6f138aced23755a294fba29226d6ad4ad09f72e1a4a3c8699f93b6c | Triage

Sharing

General

Target

238000e0000.dll
Size

242KB
Sample

210924-k5qkvsgdg7
MD5

30ced32629a65fb444dd0883452a47bd
SHA1

fc9dd3e8f20a8282e6dbc7b7837dcc3eceba1f83
SHA256

f4c17ac1e6f138aced23755a294fba29226d6ad4ad09f72e1a4a3c8699f93b6c
SHA512

811cf05134c3a912c6214182867f575134a5f01d89b2da826169250e1fd6cbbeaa6aad74539d01ba2d98c56e5586d2e9bed2558088419bd37bcf393e0992c074

Score

10^/10

gozi_ifsb 1500

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1500

C2

art.microsoftsofymicrosoftsoft.at

r23cirt55ysvtdvl.onion

fop.langoonik.com

poi.redhatbabby.at

pop.biopiof.at

l46t3vgvmtx5wxe6.onion

v10.avyanok.com

apr.intoolkom.at

fgx.dangerboy.at

Attributes

exe_type
worker
server_id
580

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  238000e0000.dll
- Size
  
  242KB
- MD5
  
  30ced32629a65fb444dd0883452a47bd
- SHA1
  
  fc9dd3e8f20a8282e6dbc7b7837dcc3eceba1f83
- SHA256
  
  f4c17ac1e6f138aced23755a294fba29226d6ad4ad09f72e1a4a3c8699f93b6c
- SHA512
  
  811cf05134c3a912c6214182867f575134a5f01d89b2da826169250e1fd6cbbeaa6aad74539d01ba2d98c56e5586d2e9bed2558088419bd37bcf393e0992c074
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2