General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    220323-cvvg3aeaa4

  • MD5

    3cc9a5a6ebb76427c9dd0b84dd7788c5

  • SHA1

    4c92cc45117c1c0a869de228b486ba0d1d3076f3

  • SHA256

    695db7129895c6845ae5a49b6d5754654a21921008213b7ce83dc57b65fc8daf

  • SHA512

    03bb93b0c2b10614629f94bf7a64795235886a5c9bcca182bfac1a16c88e9998782f89af18c9d043c963e574f98b09423536833c25e700a2f501ebe36e07fd84

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7626

C2

buredom.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      3cc9a5a6ebb76427c9dd0b84dd7788c5

    • SHA1

      4c92cc45117c1c0a869de228b486ba0d1d3076f3

    • SHA256

      695db7129895c6845ae5a49b6d5754654a21921008213b7ce83dc57b65fc8daf

    • SHA512

      03bb93b0c2b10614629f94bf7a64795235886a5c9bcca182bfac1a16c88e9998782f89af18c9d043c963e574f98b09423536833c25e700a2f501ebe36e07fd84

    Score
    1/10

MITRE ATT&CK Matrix

Tasks