General

  • Target

    1948-56-0x0000000000400000-0x0000000000475000-memory.dmp

  • Size

    468KB

  • Sample

    220321-qjjs3scfeq

  • MD5

    944c2e1d110d743f3616734d0abc0b14

  • SHA1

    a41cb7985caa16d107fbed1504d196aae3e712f8

  • SHA256

    b2b36f6b05bd7d6fc040e74e46d9e5fbb7f058c7f9ec06af1b3b8b5ea3fb06fa

  • SHA512

    bfb5ce89f0de2ae4d73be67ea8cac5560ea23c2324f9c9836693ece098ca2ea046a2eaa4345e9b0be381adea7aa270ab92e6e58affbbbb31bacaa32c9efce4e1

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1948-56-0x0000000000400000-0x0000000000475000-memory.dmp

    • Size

      468KB

    • MD5

      944c2e1d110d743f3616734d0abc0b14

    • SHA1

      a41cb7985caa16d107fbed1504d196aae3e712f8

    • SHA256

      b2b36f6b05bd7d6fc040e74e46d9e5fbb7f058c7f9ec06af1b3b8b5ea3fb06fa

    • SHA512

      bfb5ce89f0de2ae4d73be67ea8cac5560ea23c2324f9c9836693ece098ca2ea046a2eaa4345e9b0be381adea7aa270ab92e6e58affbbbb31bacaa32c9efce4e1

    Score
    1/10
