General

  • Target

    e5c6442649340b5a0778902ecfbe0cec.dll

  • Size

    351KB

  • Sample

    220210-jgfv3sgcc3

  • MD5

    e5c6442649340b5a0778902ecfbe0cec

  • SHA1

    368859c657c58874ab97167396feaa729304f881

  • SHA256

    4eae1c5ebdb7b2021913b37477077bde0177579b6f8d43a49bd8a202b45657f4

  • SHA512

    588b3b063212f8487248c0b467e75e145e87f99ab110a61c52463b4af20262597da6a91366f1e2287bde7201d92cc1e34fb1043280d2cfddc950ec09e755c57c

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7613

C2

interlines.top

interlines.space

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50
