General

  • Target

    2c9ad371db46932c48f7be0b0e54eaa4b6c5d82e792b5198bcf28e10a00272a0

  • Size

    355KB

  • Sample

    220614-168e3afedq

  • MD5

    f31070a28760089b294b724922a51995

  • SHA1

    3240115791a0058896167b1f2470228c1e23b792

  • SHA256

    2c9ad371db46932c48f7be0b0e54eaa4b6c5d82e792b5198bcf28e10a00272a0

  • SHA512

    7544871b50702bbb77d56508a88005cffba7ec3a0808f98a7a5e2337a22542b6aa768280e6be652137cf9e9ac243ebd67bdefa3e5a870d931d9a1a879d172a54

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214085

Extracted

Family

gozi_ifsb

Botnet

3431

C2

google.com

gmail.com

zuoashlyc.com

x4fwben.xyz

rreynold77.club

Attributes
  • build

    214085

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain
