General

  • Target

    9d9be6c628204970cf06fb9faeaf69fa9100721db000ee9caba78330a0349cd0

  • Size

    351KB

  • Sample

    220321-j45gysacg3

  • MD5

    70ddf6f837dc763af27326e346a20727

  • SHA1

    80526da73dc3d39d1c96fc99d485af711b5961b7

  • SHA256

    9d9be6c628204970cf06fb9faeaf69fa9100721db000ee9caba78330a0349cd0

  • SHA512

    750fb559350b01d3f45542301f5d3833c9aa2b7dfe258e897f30d9d0b38f459d67d2c4e408bb5537cbb60f752921ed4b553d7a81f0fdd4c76bce7371fdc5b0c4

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7620

C2

statilink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      9d9be6c628204970cf06fb9faeaf69fa9100721db000ee9caba78330a0349cd0

    • Size

      351KB

    • MD5

      70ddf6f837dc763af27326e346a20727

    • SHA1

      80526da73dc3d39d1c96fc99d485af711b5961b7

    • SHA256

      9d9be6c628204970cf06fb9faeaf69fa9100721db000ee9caba78330a0349cd0

    • SHA512

      750fb559350b01d3f45542301f5d3833c9aa2b7dfe258e897f30d9d0b38f459d67d2c4e408bb5537cbb60f752921ed4b553d7a81f0fdd4c76bce7371fdc5b0c4

MITRE ATT&CK Enterprise v6

Tasks