gozi_ifsb | 6ccc0051c58ca281d7f1adab000b5bbb4024f5bfc3d7e4c296816f0e167db632 | Triage

Sharing

General

Target

tmp/6ccc0051c58ca281d7f1adab000b5bbb4024f5bfc3d7e4c296816f0e167db632.exe
Size

42KB
Sample

211201-kj93dabaan
MD5

1c04e488e5412d0a6bbdbc83f4ad79df
SHA1

4a526cc6398c88518af67b169ba124c33da74995
SHA256

6ccc0051c58ca281d7f1adab000b5bbb4024f5bfc3d7e4c296816f0e167db632
SHA512

4119b3686fdcfc24d3c800b4715fcd20d12ef257eedaae06c82676fcb53cb717b5b6c497252692a94fcdab364a46ce43ab3f2037561d13cc77fc4b8cdd18be7b

Score

10^/10

gozi_ifsb 8877

Malware Config

Extracted

Family

gozi_ifsb

Botnet

8877

C2

outlook.com

auredosite.club

vuredosite.club

Attributes

build
250206
dga_season
10
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  tmp/6ccc0051c58ca281d7f1adab000b5bbb4024f5bfc3d7e4c296816f0e167db632.exe
- Size
  
  42KB
- MD5
  
  1c04e488e5412d0a6bbdbc83f4ad79df
- SHA1
  
  4a526cc6398c88518af67b169ba124c33da74995
- SHA256
  
  6ccc0051c58ca281d7f1adab000b5bbb4024f5bfc3d7e4c296816f0e167db632
- SHA512
  
  4119b3686fdcfc24d3c800b4715fcd20d12ef257eedaae06c82676fcb53cb717b5b6c497252692a94fcdab364a46ce43ab3f2037561d13cc77fc4b8cdd18be7b
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2