General

  • Target

    1ff412a6e5c6c5bac50753aad019dcdb3575e7ca69d4f838093e99029f7615c7

  • Size

    335KB

  • Sample

    220612-rfqmwsagd4

  • MD5

    545ededa2e015b614244abea01993089

  • SHA1

    b325a0fdd30404e59c0165d06a746900174dafd2

  • SHA256

    1ff412a6e5c6c5bac50753aad019dcdb3575e7ca69d4f838093e99029f7615c7

  • SHA512

    fb8cd2574c549a9a7388b976ee04eb3b65a1d08f4d0b955d7f3c01181e7ffb8d022015e6021208b528229db2843c8185818a07b27bc498e530c1aa3883750d7f

Malware Config

Extracted

  • Family

    gozi_ifsb

  • Botnet

    3347

  • C2

    dnv9619cathy.xyz

    twr84ue.com

    fgbbonnie.top

Attributes
  • build

    214082

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain
