General

  • Target

    1764-57-0x0000000074CD0000-0x0000000074F7B000-memory.dmp

  • Size

    2.7MB

  • Sample

    220321-qr69cacgcr

  • MD5

    c545397e529b2587deae5d57e77dfb02

  • SHA1

    80f92f7c120058d976866787eb9dcba2c9c1f5db

  • SHA256

    f289ad1941c8ac398a54f60fa8e5f50df9b774b245101815e505fb8dac7d6ccb

  • SHA512

    dcfd4b2887719e2293646250e72f944b289d324246047def8c215edeea66c82f52840e02f008d17b455af05aeb54acc3cc9627b73d308661647162749c8f5d74

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7613

C2

interlines.top

interlines.space

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1764-57-0x0000000074CD0000-0x0000000074F7B000-memory.dmp

    • Size

      2.7MB

    • MD5

      c545397e529b2587deae5d57e77dfb02

    • SHA1

      80f92f7c120058d976866787eb9dcba2c9c1f5db

    • SHA256

      f289ad1941c8ac398a54f60fa8e5f50df9b774b245101815e505fb8dac7d6ccb

    • SHA512

      dcfd4b2887719e2293646250e72f944b289d324246047def8c215edeea66c82f52840e02f008d17b455af05aeb54acc3cc9627b73d308661647162749c8f5d74

    Score
    3/10
