General

  • Target

    what.exe

  • Size

    214KB

  • Sample

    220202-l213vshfep

  • MD5

    d64a7ea872340bf2224c4064a84318c6

  • SHA1

    e8d6d805bb18e87533296676782ffe646721e32d

  • SHA256

    db48576c5b16b91631ac85ee59f5c283509ba622abef591e42cc24212f1c57f7

  • SHA512

    e159b5cc8e80265615c5c84bd741b7263a6e4b9e13a95966a79e489b535c7e664930d36f347411d3a07bba70ac032cc13e2c7aaddb9898f82619cd075fdf0ad0

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7579

C2

securesoft.bar

securemega.bar

mediaservice.bar

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
