General

  • Target

    38d7bb17df3d21059ec269838415457c7442d498678942594e7730c5d132134c

  • Size

    448KB

  • Sample

    220524-2vmvnaaha3

  • MD5

    26c71269eac9b2780e4cb5ca4fe15ae3

  • SHA1

    368e06b6a2871cef2ae72f647ea1aef82f1de456

  • SHA256

    38d7bb17df3d21059ec269838415457c7442d498678942594e7730c5d132134c

  • SHA512

    85eb1fa72e4f8ffbb51f813d5d9807c0a2ea996808eac1c7dc036d837599899135b8b8c525972c47900b97caad5f8f2969cec1813acd8f57f7299744e05dc2de

Malware Config

Extracted

Family

gozi_rm3

Attributes
  • build

    300869

Extracted

Family

gozi_rm3

Botnet

86920233

C2

https://babytoydeals.xyz

Attributes
  • build

    300869

  • exe_type

    loader

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtcuHwctpT3bmf4paADaepyyDp
gPjb1uBIfiHTo5CuyfS1E3xOw8CruS2k2uE/R0MC+WCVK228Ek0soho+e/lWDfob
cu7hpoepXt8afQ3zIvZLFd5ctJFasKFQJbZ5+xcqTdFeJcptsZdanvLdPdzgZz9F
336jZDm1gh8sp9KotQIDAQAB
-----END PUBLIC KEY-----
serpent.plain
3B8vtOdrrNKUQyNr

Targets

    • Target

      38d7bb17df3d21059ec269838415457c7442d498678942594e7730c5d132134c

    • Size

      448KB

    • MD5

      26c71269eac9b2780e4cb5ca4fe15ae3

    • SHA1

      368e06b6a2871cef2ae72f647ea1aef82f1de456

    • SHA256

      38d7bb17df3d21059ec269838415457c7442d498678942594e7730c5d132134c

    • SHA512

      85eb1fa72e4f8ffbb51f813d5d9807c0a2ea996808eac1c7dc036d837599899135b8b8c525972c47900b97caad5f8f2969cec1813acd8f57f7299744e05dc2de

MITRE ATT&CK Enterprise v6

Tasks
