General

  • Target

    d90572a776b678358644be72755c7bb3622302d892ee76b2149ccaa326c6551c

  • Size

    1.1MB

  • Sample

    220214-g7rn6ahdgp

  • MD5

    e3b6fb9b8eca3b4add88d394e38479af

  • SHA1

    252cb35540f57d3ce2f064fd13ce19f15c571e44

  • SHA256

    d90572a776b678358644be72755c7bb3622302d892ee76b2149ccaa326c6551c

  • SHA512

    55dd775dbb1f9d4918d688c1ff859d39da47c4fd56c7b8fbaccbc8097d4aeb737340a14a770e73f2532f1a1e9ad2fba787e78f2b8ed944a0c129c08aefe9d519

Malware Config

Extracted

Family

gozi_ifsb

Botnet

2500

C2

app3.maintorna.com

chat.billionady.com

app5.folion.xyz

wer.defone.click

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain
