General

  • Target

    2077c2867bc09158fa46eba364d91c951f23d21cbd1f4bfc7398be6b2c880274

  • Size

    1.6MB

  • Sample

    220612-pnj4zabeer

  • MD5

    c9310febdfcc55fda2c58fa73cb886dc

  • SHA1

    8e5de831277caa1be578b35ce342b35ed4250be1

  • SHA256

    2077c2867bc09158fa46eba364d91c951f23d21cbd1f4bfc7398be6b2c880274

  • SHA512

    432e8f1acabd164760940da3bd84646d866ab30052d13fadbafce60510350baf39af105862d652f29e208516be9a043902b780065ce897afd6746a3c62ecdf82

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    217173

Extracted

Family

gozi_ifsb

Botnet

3321

C2

vzquiarisb.com

ghousydni.com

z2814jjoa.info

Attributes
  • build

    217173

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain
