General

  • Target

    1924-58-0x00000000001E0000-0x000000000025E000-memory.dmp

  • Size

    504KB

  • Sample

    220328-nvxszahgc5

  • MD5

    b7084ab6d6c16a1db481b3b8641c7c13

  • SHA1

    d044c7436d41b2399ad1545a639f0258ffd889ed

  • SHA256

    06ece25766e09ea527e3360625d16cc9e6de3b6d6ab3d1549c1022d6c8574be9

  • SHA512

    7286438d8f2d96fd613489abb72c944311a28f5c6ecd63d2892cbe0ca3278497280557c8783216a937c618e08aa7ac0a310b558c2705b774b0c8292a5a3db2e6

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

46.30.43.44

185.154.52.213

185.154.53.38

Attributes
  • base_path

    /drew/

  • build

    250225

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1924-58-0x00000000001E0000-0x000000000025E000-memory.dmp

    Score
    3/10
