General

  • Target

    1836-56-0x0000000000400000-0x0000000000475000-memory.dmp

  • Size

    468KB

  • Sample

    220321-qj2znacffm

  • MD5

    5a46c50f9c17b0bb4e67cef0ff5feb3c

  • SHA1

    93844d63e798a7ab63c30ac5a043973cd914bbae

  • SHA256

    4a9cd80222b6de68e366627e18349eee97c224597d4d828bb6ef0b05bd5fd20f

  • SHA512

    2802beff1a158866ea6fe28b49e2fa0b45eb7c104bba3d8f2783a057a74a896e99ccb15899f2bdb2f2620f19f9970f03cf06bc93a47f68b59281f96828463b5b

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1836-56-0x0000000000400000-0x0000000000475000-memory.dmp

    Score
    1/10
