General

  • Target

    f2612b27262419440eb095376f308ecf5b8ca7d559056baea3a57dffdc32d210

  • Size

    1.2MB

  • Sample

    220214-gz7qeafga6

  • MD5

    93fe4b3bf1f34131ae18f02f53ce083f

  • SHA1

    5e08feace3f87762c3bd518910befff67028ab8b

  • SHA256

    f2612b27262419440eb095376f308ecf5b8ca7d559056baea3a57dffdc32d210

  • SHA512

    93358c866880b785c2ec310a238f1a04fe2e50a8b446a5bd3ad88c42fe9810d6dc95cfceaef3e0008e70bf5f10642de0499da801ad640dd4efc03be77a7bc53f

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3500

C2

app3.maintorna.com

chat.billionady.com

app5.folion.xyz

wer.defone.click

Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain
