3b9a8922ad981a162ef91d9e3d55ccbbfee1c2c94f76013a14e95fd3104f6af5

General
Target

3b9a8922ad981a162ef91d9e3d55ccbbfee1c2c94f76013a14e95fd3104f6af5

Size

461KB

Sample

220521-mnczjscag6

Score
10 /10
MD5

8e6212a958d6d53600b9006cb1177f74

SHA1

8f53ef29fede2024e669f7669d1b9d23f35b4fbd

SHA256

3b9a8922ad981a162ef91d9e3d55ccbbfee1c2c94f76013a14e95fd3104f6af5

SHA512

6fae2047ee9d3693052ee0f35f15abf4328bb750be4f988191fc36dc47ae80285eaaaa536ab2a5f5d2de3476d9dcb842667e813959ec537e5ccae60a150fefb7

Malware Config

Extracted

Family gozi_rm3
Attributes
build
300898

Extracted

Family gozi_rm3
Botnet 89820235
C2

https://exeupay.xyz

Attributes
build
300898
exe_type
loader
server_id
12
url_path
index.htm
rsa_pubkey.plain
serpent.plain
Targets
Target

3b9a8922ad981a162ef91d9e3d55ccbbfee1c2c94f76013a14e95fd3104f6af5

MD5

8e6212a958d6d53600b9006cb1177f74

Filesize

461KB

Score
10/10
SHA1

8f53ef29fede2024e669f7669d1b9d23f35b4fbd

SHA256

3b9a8922ad981a162ef91d9e3d55ccbbfee1c2c94f76013a14e95fd3104f6af5

SHA512

6fae2047ee9d3693052ee0f35f15abf4328bb750be4f988191fc36dc47ae80285eaaaa536ab2a5f5d2de3476d9dcb842667e813959ec537e5ccae60a150fefb7

Tags

Signatures

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
        Discovery
          Execution
            Exfiltration
              Impact
                Initial Access
                  Lateral Movement
                    Persistence
                      Privilege Escalation
                        Tasks

                        static1

                        9/10

                        behavioral1

                        10/10

                        behavioral2

                        10/10