Overview

overview

10

Static

static

10

580-57-0x0...ry.dll

windows7_x64

3

580-57-0x0...ry.dll

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    580-57-0x0000000074FF0000-0x0000000075129000-memory.dmp

  • Size

    1.2MB

  • Sample

    220315-qgl6esdbhq

  • MD5

    68b08ed5d734e23158414f6ffaefb773

  • SHA1

    8e0023ad71c7cf98995e828d173994733803d8ac

  • SHA256

    aeb5330deeea4bc417947949baa7955e4e90d5105e73c2f99c82fb69d55582ff

  • SHA512

    cd5092495c25f51c255e526ed1e299fc6704a66d7b513a28eeb4a6d9af29b81b96f7660f6d43410ce0dc3924f3d3960de27ef45a826d6c516b9e3e48a33bb9c0

Score
10/10
gozi_ifsb7623

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7623

C2

atmosphera.top

linkspremium.ru

premiumlists.ru
Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      580-57-0x0000000074FF0000-0x0000000075129000-memory.dmp

    • Size

      1.2MB

    • MD5

      68b08ed5d734e23158414f6ffaefb773

    • SHA1

      8e0023ad71c7cf98995e828d173994733803d8ac

    • SHA256

      aeb5330deeea4bc417947949baa7955e4e90d5105e73c2f99c82fb69d55582ff

    • SHA512

      cd5092495c25f51c255e526ed1e299fc6704a66d7b513a28eeb4a6d9af29b81b96f7660f6d43410ce0dc3924f3d3960de27ef45a826d6c516b9e3e48a33bb9c0

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks