gozi_ifsb | 3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071 | Triage

Sharing

General

Target

3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071
Size

42KB
Sample

211116-1vlf6aceem
MD5

f064bbc17ecabfe4d5122c24f64d1459
SHA1

554e022ea2b52a679da260cf3fd799e90b4fed9e
SHA256

3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071
SHA512

73585fac40c4b2046e7612348a3f3e8a78017b069cb05893135f8619394f219efa048d9b07590598207cfa3a9c8cabc53760cb794349d458216a444e80eb817b

Score

10^/10

gozi_ifsb 8899

Malware Config

Extracted

Family

gozi_ifsb

Botnet

8899

C2

msn.com/login

vloderuniok.website

gloderuniok.website

Attributes

build
260212
dga_season
10
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071
- Size
  
  42KB
- MD5
  
  f064bbc17ecabfe4d5122c24f64d1459
- SHA1
  
  554e022ea2b52a679da260cf3fd799e90b4fed9e
- SHA256
  
  3ce9df2272bb98916f215be5a0943ed0fc06f72eca3bed2385aacc7c1b4c6071
- SHA512
  
  73585fac40c4b2046e7612348a3f3e8a78017b069cb05893135f8619394f219efa048d9b07590598207cfa3a9c8cabc53760cb794349d458216a444e80eb817b
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2