gozi_ifsb | b6ae2706d2176b991b937d48bed5c4af7a76fa1a8778bb28531eddbff3ed289a | Triage

Sharing

General

Target

tmp/b6ae2706d2176b991b937d48bed5c4af7a76fa1a8778bb28531eddbff3ed289a.exe
Size

42KB
Sample

211214-jx8wssfdc5
MD5

82ccb90da20b65bcdad25bdd5a7d6f05
SHA1

ecea5d6a57c1e23010b45d4d04dcc1ffda19e5fe
SHA256

b6ae2706d2176b991b937d48bed5c4af7a76fa1a8778bb28531eddbff3ed289a
SHA512

d85d570d5269cfc945b764d3530680c5910b152247893f5b8a1d108a16b52704547e754d5cda59392aeb28d417ad8e0534c75cee06d3bc636190ebece4cc4a61

Score

10^/10

gozi_ifsb 1500

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1500

C2

apt.updateffboruse.com

app.updatebrouser.com

Attributes

build
250211
exe_type
loader
server_id
580

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  tmp/b6ae2706d2176b991b937d48bed5c4af7a76fa1a8778bb28531eddbff3ed289a.exe
- Size
  
  42KB
- MD5
  
  82ccb90da20b65bcdad25bdd5a7d6f05
- SHA1
  
  ecea5d6a57c1e23010b45d4d04dcc1ffda19e5fe
- SHA256
  
  b6ae2706d2176b991b937d48bed5c4af7a76fa1a8778bb28531eddbff3ed289a
- SHA512
  
  d85d570d5269cfc945b764d3530680c5910b152247893f5b8a1d108a16b52704547e754d5cda59392aeb28d417ad8e0534c75cee06d3bc636190ebece4cc4a61
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2