General

  • Target

    612-57-0x0000000000400000-0x0000000002C21000-memory.dmp

  • Size

    40.1MB

  • Sample

    220204-m9a23shffq

  • MD5

    2404cc238363c48c6c18ce8fe514268f

  • SHA1

    3254346a84a765979bd772a0c0921f46335a3b54

  • SHA256

    5d7d2d7ca737d11db1228cd9ca78379d8ae16f61f21da845c4274835a02a1b79

  • SHA512

    560a90e2cbf8feb159c2959e7923efdb195862f78bc1575c4470ce332fed19265007be7142ece196eba4e94b1271659e1b72f89480f60be17f8135d7f9b6fa2f

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7610

C2

maybommpump.top

linkspremium.ru

premiumlists.ru

premiumlinks.top

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      612-57-0x0000000000400000-0x0000000002C21000-memory.dmp

    • Size

      40.1MB

    • MD5

      2404cc238363c48c6c18ce8fe514268f

    • SHA1

      3254346a84a765979bd772a0c0921f46335a3b54

    • SHA256

      5d7d2d7ca737d11db1228cd9ca78379d8ae16f61f21da845c4274835a02a1b79

    • SHA512

      560a90e2cbf8feb159c2959e7923efdb195862f78bc1575c4470ce332fed19265007be7142ece196eba4e94b1271659e1b72f89480f60be17f8135d7f9b6fa2f

    Score
    1/10
