General

  • Target

    readme.txt

  • Size

    396KB

  • Sample

    220216-jsp8wsbdf4

  • MD5

    4a6e16d9cdefd1b6a6d4540fcfbf64b2

  • SHA1

    514c1aa17bb07dff3d56dfe9a2f4942d45dc1b85

  • SHA256

    410eb4b06644f073370230650fe0624ce5dc6e18481b2e85930865a5a3984160

  • SHA512

    1e0a78f7cea20bf8d226a1f4864488c01bb1eeab2f0ecb23c1c2c3a87b5af06b71a29f2f41048536f09890c925d86eb94b2ac17aa32ac639461274d419121fdf

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7614

C2

servicelines.top

servicelines.space

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

