General

  • Target

    1032-57-0x00000000001C0000-0x00000000001CE000-memory.dmp

  • Size

    56KB

  • Sample

    220317-q65ztsefc4

  • MD5

    4a0393fcd8bbea5abe77014c584fb76f

  • SHA1

    ce89bc61555b0194555e9c1f0e93af1496f2bc7f

  • SHA256

    7bd24f9d34d7ce593185b0c8947b0f71db20da47df955f845be72756b328c1eb

  • SHA512

    45158e309dd3f040551f34a67df572a29a9b91aa0e22f2588b79552afcfb60dc0e8c91d4740b0ea49c10551acda6cfc3a00f3e83d4d64492526e6010724ec67d

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7624

C2

atmospheri.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1032-57-0x00000000001C0000-0x00000000001CE000-memory.dmp

    Score
    3/10
