General

  • Target

    aef8910dddfc1c5c009db13160c82aae5af66692effb41469c6490e774a420e3

  • Size

    109KB

  • Sample

    220204-k4km8agchr

  • MD5

    3f4c6007893f638c51305a3098ec555b

  • SHA1

    051ab2b60b3bb17de88f86916cca7409cd255137

  • SHA256

    8e56ed07697a4b8637a0898953ddb58e8dea739404ce32dd78e0a8d795cefae9

  • SHA512

    68437fc56b8bb76cbed3707c011f173e53d1d5eb38f45b1fdef73a6ad9fcad48d55a0a722dc15bec64154645e1db72f63a89249320ad9564e1268e98710505d2

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7610

C2

maybommpump.top

linkspremium.ru

premiumlists.ru

premiumlinks.top

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      aef8910dddfc1c5c009db13160c82aae5af66692effb41469c6490e774a420e3

    • Size

      243KB

    • MD5

      230bf6f23953675ef0dbfbea32532b0e

    • SHA1

      982f1df09ffaefff82d26df50ed735a29015863c

    • SHA256

      aef8910dddfc1c5c009db13160c82aae5af66692effb41469c6490e774a420e3

    • SHA512

      83074c450fd0a6d6cf09660c7c1c02d00c02fd42da2fb30e7ecb6b1cf376df501344b6ca1541e1b0a97ab31209738246de0c2571aabf0b7b60975570d28db84f
