General

  • Target: 2nd.bin
  • Size: 213KB
  • Sample: 220202-lq5xnshfcr
  • MD5: 1fb95166dda235cb6e5279db1b72722a
  • SHA1: d32fa44ff6090aff739ce5ad471245bdb9a65a72
  • SHA256: eb44943385bba67eff81794d2f5667817a6761f13775149c615a543c0e78186c
  • SHA512: f29202cbbb216925d9226cc79285b88191d0b03b04f32997fd5e11d063455ca4431396071930ce66efd403b869e452281ece1e867f99df4d065c6e8c1e947101

Malware Config

Extracted

  • Family: gozi_ifsb
  • Botnet: 7579
  • C2: securesoft.bar, securemega.bar, mediaservice.bar

Attributes

  • base_path: /drew/
  • build: 250225
  • exe_type: loader
  • extension: .jlk
  • server_id: 50
  • rsa_pubkey.plain
  • aes.plain
