General

  • Target

    20c1f35e47ef523c33f5067c2713ffb17847cbbc60607db88bbc515271ec467c

  • Size

    3.4MB

  • Sample

    220612-nl61aaeag5

  • MD5

    ddeeb26c48c3e488e5a3141bf2b1ba20

  • SHA1

    cffc009b5dbf75714a3f7f0f8db661a8fc610970

  • SHA256

    20c1f35e47ef523c33f5067c2713ffb17847cbbc60607db88bbc515271ec467c

  • SHA512

    4d038fd508e68aa05d20b8f7c5414712eae09758e89845278a35d29d26f07c7ed7af2fb7934f14c01f70b740a423a31d8119b5eb6167a98a1e6cc394d0dfd7d1

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214096

Extracted

Family

gozi_ifsb

Botnet

3478

C2

google.com

gmail.com

waouqk51iu.com

jsztkeagan.club

jkeshaunjakob.club

Attributes
  • build

    214096

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      20c1f35e47ef523c33f5067c2713ffb17847cbbc60607db88bbc515271ec467c

    • Size

      3.4MB

    • MD5

      ddeeb26c48c3e488e5a3141bf2b1ba20

    • SHA1

      cffc009b5dbf75714a3f7f0f8db661a8fc610970

    • SHA256

      20c1f35e47ef523c33f5067c2713ffb17847cbbc60607db88bbc515271ec467c

    • SHA512

      4d038fd508e68aa05d20b8f7c5414712eae09758e89845278a35d29d26f07c7ed7af2fb7934f14c01f70b740a423a31d8119b5eb6167a98a1e6cc394d0dfd7d1

MITRE ATT&CK Enterprise v6

Tasks