General

  • Target

    50ed0329ffb7ae83f7a8042ef7f6bd5af5f308e52f479965358cfe4d646b1847

  • Size

    273KB

  • Sample

    220321-j45gysacg4

  • MD5

    c0de3291fe744c4941a518ac41cdcd10

  • SHA1

    07a83577f3af719d8cf386d9768edb24a104abab

  • SHA256

    50ed0329ffb7ae83f7a8042ef7f6bd5af5f308e52f479965358cfe4d646b1847

  • SHA512

    a64a7a039a5e2e3639eec32b6e79f8f89cd815a3ea581a944a74d943699b30122351512ed7344d5862fcfc6d85422e6d1d27dc849beb6a5e388928c79daf14e3

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
