General

  • Target

    5205725a56c3ece09a726eb092850f3be25a382a64a6fb177fda7056cf15dd66

  • Size

    312KB

  • Sample

    220326-rcclvsdee6

  • MD5

    5d0389cdf95e23257521430ed3f44bcc

  • SHA1

    65ff7ba34634495409f22c94c90bbcd4f3f0b687

  • SHA256

    5205725a56c3ece09a726eb092850f3be25a382a64a6fb177fda7056cf15dd66

  • SHA512

    52a2f8932d78e26cca64c84ec2384c0ac5058a0603b7401010104d74e7e90dfd0ba8b7c22842749330d0e415e2fae9dbeb8930ddfcde08d3ddfe7396b68841d3

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1001

C2

shop.microsoft.com

loadshemsplot.xyz

Attributes

  • build

    250162

  • dga_season

    10

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

MITRE ATT&CK Enterprise v6

Tasks