General

  • Target

    02bb7e5eda106943c37400103a651d11d1ebfd5f4b0a550874328c2c82340923

  • Size

    1.2MB

  • Sample

    220201-rgp3rafhb8

  • MD5

    947fe47db34a2654fc7aa76ec2bebec0

  • SHA1

    6e2d76945861c48a2e4552d87583c1a70e6525a2

  • SHA256

    02bb7e5eda106943c37400103a651d11d1ebfd5f4b0a550874328c2c82340923

  • SHA512

    da59273a5782006b2b13012b012db2ddb59441cc7ea3735b355605a29460029f990ec3e25232ab9dc27cf8dad1e27ed4742e4bba1541ca65958d608e38dc6237

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7576

C2

museumistat.bar

nnnnnn.bar

nnnnnn.casa

Attributes
  • base_path

    /drew/

  • build

    250224

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

