General

  • Target

    1664-56-0x0000000000170000-0x000000000017E000-memory.dmp

  • Size

    56KB

  • Sample

    220323-hw73fadfar

  • MD5

    957bf145eb17dd1e80ffabfe9578de02

  • SHA1

    ab657c6b586d17dec42482660bfcf06b3e546ae1

  • SHA256

    2d54d23157e549d56edfa497620df75e4291413181f4883f91aecdfe9e38ae1a

  • SHA512

    4b1a5c2288d4c8b2b6c401ee27a2fe94d080e246ea28b81fc4a78a8b94c386398f1dc04eea4894567cba514069baaae5ab208784b39b2842fe1323b15d19abf2

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7626

C2

buredom.top

linkspremium.ru

premiumlists.ru

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1664-56-0x0000000000170000-0x000000000017E000-memory.dmp

    Score
    3/10
