General

  • Target

    status.dll

  • Size

    1.0MB

  • Sample

    220317-padd9sddh2

  • MD5

    034a0ada972701c9e6241243c82798a5

  • SHA1

    200ee4388830bbc4640f7f8c2b9eea07b84adc7c

  • SHA256

    193c641aa9ed7092639694239d0f477f02ab493d3c525917613a13490533b9fd

  • SHA512

    ee6877200452092c2d31faa8d467547afca03a8e2877d903fef32b3a3058092e0daa39a025cd144a91762f6914f68cd4237d5a424df41427016204d57ada69da

Malware Config

Extracted

  • Family

    gozi_ifsb

  • Botnet

    7624

  • C2

    atmospheri.top

    linkspremium.ru

    premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
