General

  • Target

    image.dll

  • Size

    295KB

  • Sample

    220210-qyj3dsghd6

  • MD5

    fc3bfcbea189128d395bd97fd0a24433

  • SHA1

    281d8dc9f545771cf98f8712b12170a52a0a08c6

  • SHA256

    6ad6b32328db40db59bbb1a37ab32024ce2b69173fdbd12167d314ef86e24ed2

  • SHA512

    32604ffe3811d7810554000e752415ddaa21f2deb8ad34b3498cbd09721faef10ee5fa71217a09cf95a2b37e3393a828737660d47645011df755094d3d7eb268

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7613

C2

interlines.top

interlines.space

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

