General

  • Target

    app.exe

  • Size

    270KB

  • Sample

    220204-kfpl9sfhhr

  • MD5

    2d752f0b4e5c40e3997bce76f9ce76ec

  • SHA1

    28df0b35684a783abaa3de7964470cc062010b45

  • SHA256

    681dbf5bd80611418b92e07abe790dbb7fc9fbe9898b7b214598c3865e2ac1d9

  • SHA512

    d0ed36044ebb40c3a9d01da7dd143b41746a29491062ab8c361ff8a2ad4559870f4ac9dd82c977e929f123008253d92feb2e5815a182ea7560c6593a731178ca

Malware Config

Extracted

  • Family

    gozi_ifsb

  • Botnet

    7610

  • C2

    maybommpump.top

    linkspremium.ru

    premiumlists.ru

    premiumlinks.top

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

