General

  • Target

    2c95afba75ec68ff3a9ef532003bfd31b32d1942053fe0e934cc223ca532e09e

  • Size

    171KB

  • Sample

    220614-19hzksffgl

  • MD5

    b18ebe381915de6c077a472e16fca173

  • SHA1

    9169e5e7f90ce53f5651b2c8ed5af5b1e7c1b2d0

  • SHA256

    2c95afba75ec68ff3a9ef532003bfd31b32d1942053fe0e934cc223ca532e09e

  • SHA512

    2d525a4410f26aee534e60d640196e6bae965b602d35c19743cd5bff279a95e627dac71be7944fe31fee518adc6f9cdcef6e72b84b54101400e57daa04c0eb35

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214107

Extracted

Family

gozi_ifsb

Botnet

3545

C2

settings-win.data.microsoft.com

bjanicki.com

h16uaramiro.com

z63gggermanaa.com

Attributes
  • build

    214107

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      2c95afba75ec68ff3a9ef532003bfd31b32d1942053fe0e934cc223ca532e09e

    • Size

      171KB

    • MD5

      b18ebe381915de6c077a472e16fca173

    • SHA1

      9169e5e7f90ce53f5651b2c8ed5af5b1e7c1b2d0

    • SHA256

      2c95afba75ec68ff3a9ef532003bfd31b32d1942053fe0e934cc223ca532e09e

    • SHA512

      2d525a4410f26aee534e60d640196e6bae965b602d35c19743cd5bff279a95e627dac71be7944fe31fee518adc6f9cdcef6e72b84b54101400e57daa04c0eb35

MITRE ATT&CK Enterprise v6

Tasks