General

  • Target

    app.exe

  • Size

    243KB

  • Sample

    220204-jlzhzsfcd4

  • MD5

    230bf6f23953675ef0dbfbea32532b0e

  • SHA1

    982f1df09ffaefff82d26df50ed735a29015863c

  • SHA256

    aef8910dddfc1c5c009db13160c82aae5af66692effb41469c6490e774a420e3

  • SHA512

    83074c450fd0a6d6cf09660c7c1c02d00c02fd42da2fb30e7ecb6b1cf376df501344b6ca1541e1b0a97ab31209738246de0c2571aabf0b7b60975570d28db84f

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7610

C2

maybommpump.top

linkspremium.ru

premiumlists.ru

premiumlinks.top

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

