General

  • Target

    02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe

  • Size

    273KB

  • Sample

    220321-j45gysacg5

  • MD5

    5c95bd06ac65f87d5ca02af3135dcb43

  • SHA1

    bee7ce4c588899fc70042adf7a7c632f2468fe90

  • SHA256

    02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe

  • SHA512

    c5ec8fc7e7cd1ddcafead09f68b08439ecc55269529fae97717ba8d534f4865bced94580634f58f551874bf26c32cacf35dda3c09ffd56127ac32db4ca932107

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe

    • Size

      273KB

    • MD5

      5c95bd06ac65f87d5ca02af3135dcb43

    • SHA1

      bee7ce4c588899fc70042adf7a7c632f2468fe90

    • SHA256

      02f23031b04660ce5d0a3dbd6862640895e37c649963c02d0b367a17d8422ffe

    • SHA512

      c5ec8fc7e7cd1ddcafead09f68b08439ecc55269529fae97717ba8d534f4865bced94580634f58f551874bf26c32cacf35dda3c09ffd56127ac32db4ca932107

MITRE ATT&CK Enterprise v6

Tasks