gozi_ifsb | 9dc1bc93c9cfc754b7e3319a7435b7446bcaf03ddc56e6d9003c6878ddf27663 | Triage

Sharing

General

Target

2679a3c0000.dll
Size

222KB
Sample

210928-r4kfsaccem
MD5

0cec0b8c595eca3575f22201205190ba
SHA1

aa2e29260529ecf47dba37c3b241b0f94166d4d1
SHA256

9dc1bc93c9cfc754b7e3319a7435b7446bcaf03ddc56e6d9003c6878ddf27663
SHA512

73232d67f0842c365425ffa8244bcdeacabcb5211346139e3bc5057c7c2e502e1ba7c8a3688329390c9ad46aaba0aa859789a472da1f353d3087089b5e4dcbe8

Score

10^/10

gozi_ifsb 4474

Malware Config

Extracted

Family

gozi_ifsb

Botnet

4474

C2

lycos.com

mail.yahoo.com

193.56.255.251

193.56.255.250

193.56.255.249

numolerunosell.online

gumolerunosell.online

rumolerunosell.online

Attributes

dga_season
10
dga_tlds
com

ru

org
exe_type
worker
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  2679a3c0000.dll
- Size
  
  222KB
- MD5
  
  0cec0b8c595eca3575f22201205190ba
- SHA1
  
  aa2e29260529ecf47dba37c3b241b0f94166d4d1
- SHA256
  
  9dc1bc93c9cfc754b7e3319a7435b7446bcaf03ddc56e6d9003c6878ddf27663
- SHA512
  
  73232d67f0842c365425ffa8244bcdeacabcb5211346139e3bc5057c7c2e502e1ba7c8a3688329390c9ad46aaba0aa859789a472da1f353d3087089b5e4dcbe8
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2