General

  • Target

    3d91a999dda6a4d97387162a6cd1729b82171f447d40016263739564d6eb1fef

  • Size

    836KB

  • Sample

    220201-rcqtgsfgf2

  • MD5

    e05c258a79820890d4cb1942da2e777a

  • SHA1

    acbe8dc355623eaf9f0105dc1c2de8a04d461d22

  • SHA256

    3d91a999dda6a4d97387162a6cd1729b82171f447d40016263739564d6eb1fef

  • SHA512

    0193bb60e2cb30b8a45176ac26cc7b3c34c90f8912a8a15db8b057b01bf873caec77881d4ac7975fac83d488fb001805ceee1ad793ee8bd012abc04b2770b56d

Malware Config

Extracted

  • Family

    gozi_ifsb

  • Botnet

    7576

  • C2

    museumistat.bar

    nnnnnn.bar

    nnnnnn.casa

Attributes
  • base_path

    /drew/

  • build

    250224

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      status.dll

    • Size

      1.2MB

    • MD5

      947fe47db34a2654fc7aa76ec2bebec0

    • SHA1

      6e2d76945861c48a2e4552d87583c1a70e6525a2

    • SHA256

      02bb7e5eda106943c37400103a651d11d1ebfd5f4b0a550874328c2c82340923

    • SHA512

      da59273a5782006b2b13012b012db2ddb59441cc7ea3735b355605a29460029f990ec3e25232ab9dc27cf8dad1e27ed4742e4bba1541ca65958d608e38dc6237
