gozi_ifsb | 44b62bc022a43cfa60975be021a4f4d34caead61d23f2a925b7b470899b0195e | Triage

Sharing

General

Target

gozi.payload-disk
Size

43KB
Sample

220302-2mppaagdg4
MD5

c72e3eba124896e10bd8acc54b1565fe
SHA1

d19dd19fae7d61293e1879034b8a784f694b76e9
SHA256

44b62bc022a43cfa60975be021a4f4d34caead61d23f2a925b7b470899b0195e
SHA512

92929eafa1b48b79cbe00a65c7cd82d65261bc472cd2c5f0941bbb2c76a3721de9d0090c6053b9f53ed193a2b3fe9b9ce7406d0781ae52c3985898a318f68595

Score

10^/10

gozi_ifsb 20000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

20000

C2

skype.com/signin

143.198.56.58

Attributes

base_path
/peer/
build
250225
exe_type
loader
extension
.prv
server_id
50

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  gozi.payload-disk
- Size
  
  43KB
- MD5
  
  c72e3eba124896e10bd8acc54b1565fe
- SHA1
  
  d19dd19fae7d61293e1879034b8a784f694b76e9
- SHA256
  
  44b62bc022a43cfa60975be021a4f4d34caead61d23f2a925b7b470899b0195e
- SHA512
  
  92929eafa1b48b79cbe00a65c7cd82d65261bc472cd2c5f0941bbb2c76a3721de9d0090c6053b9f53ed193a2b3fe9b9ce7406d0781ae52c3985898a318f68595
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2