General

  • Target

    1808-57-0x0000000000170000-0x000000000017E000-memory.dmp

  • Size

    56KB

  • Sample

    220321-pf4teacah5

  • MD5

    6f72ecaeaf6d8b0a06f0da5ae3754dbe

  • SHA1

    42750e04efcfec1868d5d80287d212e7f2a2abb6

  • SHA256

    15622fff703648c6b515892046f883f4737e55d08e11fec5bbfed084e922ce4c

  • SHA512

    0c9c3c62d630bad4a3245b9e6b30133b6b78f8b0faa3d611ea4ce912d126f380bfbfc0149bdb6d79580acccd12980076165c7b4cc0787816cba2908b8124c3e7

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7625

C2

sistemliner.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1808-57-0x0000000000170000-0x000000000017E000-memory.dmp

    • Size

      56KB

    • MD5

      6f72ecaeaf6d8b0a06f0da5ae3754dbe

    • SHA1

      42750e04efcfec1868d5d80287d212e7f2a2abb6

    • SHA256

      15622fff703648c6b515892046f883f4737e55d08e11fec5bbfed084e922ce4c

    • SHA512

      0c9c3c62d630bad4a3245b9e6b30133b6b78f8b0faa3d611ea4ce912d126f380bfbfc0149bdb6d79580acccd12980076165c7b4cc0787816cba2908b8124c3e7

    Score
    3/10

MITRE ATT&CK Matrix

Tasks