General

  • Target

    1500-57-0x0000000000400000-0x0000000002B21000-memory.dmp

  • Size

    39.1MB

  • Sample

    220321-qkhx6scffp

  • MD5

    1712cb881df4cb9e2af978b72f837db0

  • SHA1

    f20c8962e28c941074127e26190a38f40b9cdcf4

  • SHA256

    c42814a84c6b4a171c9a5b2fef5b2b883c7d25bb1ea4d14c7aa47dcfb3d58a61

  • SHA512

    aade1d3c6e2669371a843e5626f06f3cbecfbed0170e3a7dd29daf097b4ad4309a7abaad32dd7eafe134937e143353e0ce149f556d1ccc9f6b1291fc744d0b4a

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7620

C2

statilink.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1500-57-0x0000000000400000-0x0000000002B21000-memory.dmp

    • Size

      39.1MB

    Score
    1/10
