General

  • Target

    2c93e2dd429d4f72384ca29eb1e5d726e74d450c4b7f953179014bd41b60f77a

  • Size

    354KB

  • Sample

    220614-2ach7afgcl

  • MD5

    97a8b001a1d0d7f3951ab9e36ae63305

  • SHA1

    0962d6de0a5440f7b317ce1bf565f6bf2c7cad89

  • SHA256

    2c93e2dd429d4f72384ca29eb1e5d726e74d450c4b7f953179014bd41b60f77a

  • SHA512

    58b52c8de39cb61d309d8a8dfa6e44e5cf9e3715ad4a4d751d5b00560855921135025009000fa55476892aa07ddd9c489165dda1cdff097258877401ae5ac1c2

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214062

Extracted

Family

gozi_ifsb

Botnet

3177

C2

wgcjeremy11.band

skelsigabriella.fun

xelectauishanie.email

Attributes
  • build

    214062

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      2c93e2dd429d4f72384ca29eb1e5d726e74d450c4b7f953179014bd41b60f77a

    • Size

      354KB

    • MD5

      97a8b001a1d0d7f3951ab9e36ae63305

    • SHA1

      0962d6de0a5440f7b317ce1bf565f6bf2c7cad89

    • SHA256

      2c93e2dd429d4f72384ca29eb1e5d726e74d450c4b7f953179014bd41b60f77a

    • SHA512

      58b52c8de39cb61d309d8a8dfa6e44e5cf9e3715ad4a4d751d5b00560855921135025009000fa55476892aa07ddd9c489165dda1cdff097258877401ae5ac1c2

MITRE ATT&CK Matrix

Tasks