General

  • Target

    1336-56-0x0000000000400000-0x0000000000475000-memory.dmp

  • Size

    468KB

  • Sample

    220321-qjtchscffj

  • MD5

    e4e519f783267f79c1abb1c202bb9362

  • SHA1

    37ddd04faf0ab3e697d175c7ce7cfba8d6a93120

  • SHA256

    54849fd2b4dd1f2a45daa7925277a941424cd85c3fe07d5b754e20da87e887dc

  • SHA512

    3ccc88f71f44d685184b9f865d91ca9066eda4f7dbb32fe8db0cdca753665f7820eda4f8962f20619e396f00ef662066113c5442fd8e231bd231fabd007efabd

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7622

C2

botanlink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1336-56-0x0000000000400000-0x0000000000475000-memory.dmp

    Score
    1/10
