General

  • Target

    1904-57-0x0000000000400000-0x00000000004ED000-memory.dmp

  • Size

    948KB

  • Sample

    220321-qffl9acec8

  • MD5

    0255051b61d3e3cfb47c1b198daa4891

  • SHA1

    0e6ee39065829736c20224a5e9f37c6ada247ea1

  • SHA256

    5b117bf5ab073c25796be5161042fb3719864ccf4201143f5429d986794810d1

  • SHA512

    88a1bdfd2417d0d769ce11d6f0d5425772b3e057061ae2d329f0e8ed95322513de58529bb1d80c9a8760e133b50cc99ae3351e44c15b5c22941596a3596485dc

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

Targets

    • Target

      1904-57-0x0000000000400000-0x00000000004ED000-memory.dmp

    Score
    1/10
