General

  • Target

    2ca6d4cf8bca086ef3b8b5fe9a7b1fb4237ffaff1696fadb405573996019d86f

  • Size

    203KB

  • Sample

    220614-1185eafbhn

  • MD5

    cbf24fe6d5f7b9576bf234a7226ca088

  • SHA1

    2e5b3da278bd8eedb613168a288efff2311e328d

  • SHA256

    2ca6d4cf8bca086ef3b8b5fe9a7b1fb4237ffaff1696fadb405573996019d86f

  • SHA512

    057034a5939ee66c42fc6b97e84c98082b39d5654cadb3ffe10357992fd2b925aa05afff91452476a1f3a24e578dc06b7dbd1eec39a6c831817a52d71f3052ff

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    215165

Extracted

Family

gozi_ifsb

Botnet

3162

C2

menehleibe.com

liemuteste.com

thulligend.com

Attributes
  • build

    215165

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

