General

  • Target: 82a32b07e9718825d70f0dfe0870d8d27b32ddd1b48e96c97cda91d4c7e04530
  • Size: 227KB
  • Sample: 220524-2vda8aegan
  • MD5: 35a60252c7832c4e7e0589c857489ac9
  • SHA1: 001099f0eebc504b6985b065ddf6c5446df4cf45
  • SHA256: 82a32b07e9718825d70f0dfe0870d8d27b32ddd1b48e96c97cda91d4c7e04530
  • SHA512: 478fec47d60171fb91c6475066971b540f78c8a209bc2c491d890d48282155de88a57bb4acce5044b44a9381de6f8a5e17e053b069a7498ca441a5c3b059973e

Malware Config

Extracted

  • Family: gozi_rm3
  • Attributes
    • build: 300869

Extracted

  • Family: gozi_rm3
  • Botnet: 86920224
  • C2: https://sibelikinciel.xyz
  • Attributes
    • build: 300869
    • exe_type: loader
    • server_id: 12
    • url_path: index.htm
  • rsa_pubkey.plain
  • serpent.plain

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion: Modify Registry (T1112): 1