General

  • Target

    a88eb1440652a0e919ae2a9a8dac1dae.dll

  • Size

    1.0MB

  • Sample

    220317-j2w3ssadgj

  • MD5

    a88eb1440652a0e919ae2a9a8dac1dae

  • SHA1

    4afb78598c94f5a1078a1cf3f30f3ed4495f31d6

  • SHA256

    2cb2f5884d3c1a02febe53b8c8997d070a4c54dc75628714f829b894cf1c73a7

  • SHA512

    c142ebed7ac4162b1001482ca16a60efada69a04e4457c2fca0cc5f449268cc2b94becdf9a09d4b6a844cb0ae5be1055741849b1437ceebeeead5e678b63b07f

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7624

C2

atmospheri.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
