General

  • Target

    209866dcf7e8def3731d54e76d074d0681e9d5a66c3c7d8284e2bef264600022

  • Size

    485KB

  • Sample

    220612-n7s1jsfah8

  • MD5

    d142788d816e1ce69d3ae6266c624596

  • SHA1

    e1269993303f796b5feb941706e51f3a99e4dcc1

  • SHA256

    209866dcf7e8def3731d54e76d074d0681e9d5a66c3c7d8284e2bef264600022

  • SHA512

    420481d2391a0bb731e55843feeb49c9e70aea9813bcdb491ba5dd050e577dac5cbd3b657b10fa19ebb5476254a7fd4c3dc0a034392a91dd22fbadace822d965

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    215165

Extracted

Family

gozi_ifsb

Botnet

3140

C2

isatawatag.com

bosototsuy.com

atamekihok.com

Attributes
  • build

    215165

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      209866dcf7e8def3731d54e76d074d0681e9d5a66c3c7d8284e2bef264600022

    • Size

      485KB

    • MD5

      d142788d816e1ce69d3ae6266c624596

    • SHA1

      e1269993303f796b5feb941706e51f3a99e4dcc1

    • SHA256

      209866dcf7e8def3731d54e76d074d0681e9d5a66c3c7d8284e2bef264600022

    • SHA512

      420481d2391a0bb731e55843feeb49c9e70aea9813bcdb491ba5dd050e577dac5cbd3b657b10fa19ebb5476254a7fd4c3dc0a034392a91dd22fbadace822d965

MITRE ATT&CK Matrix

Tasks