General

  • Target

    2c86f2eed73800318f8ebb870f1b749730cb037c900c097ae2f8b8abe1c2b03a

  • Size

    354KB

  • Sample

    220614-2eyxzsgacn

  • MD5

    663ee0f84de1901921e1cceb362ad961

  • SHA1

    5b6f634ad97c61a95eadcd5c965d65b32d481210

  • SHA256

    2c86f2eed73800318f8ebb870f1b749730cb037c900c097ae2f8b8abe1c2b03a

  • SHA512

    100f823a71ebdcdb6f3bfa098d2b8e15fdc6aeaaad8ebd66744d1a4dd546c021f9ede3ed5a6a1e320d982636e3a47229e36431f15d7e04d08e0f0fab927a78e3

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214062

Extracted

Family

gozi_ifsb

Botnet

3177

C2

wgcjeremy11.band

skelsigabriella.fun

xelectauishanie.email

Attributes
  • build

    214062

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      2c86f2eed73800318f8ebb870f1b749730cb037c900c097ae2f8b8abe1c2b03a

    • Size

      354KB

    • MD5

      663ee0f84de1901921e1cceb362ad961

    • SHA1

      5b6f634ad97c61a95eadcd5c965d65b32d481210

    • SHA256

      2c86f2eed73800318f8ebb870f1b749730cb037c900c097ae2f8b8abe1c2b03a

    • SHA512

      100f823a71ebdcdb6f3bfa098d2b8e15fdc6aeaaad8ebd66744d1a4dd546c021f9ede3ed5a6a1e320d982636e3a47229e36431f15d7e04d08e0f0fab927a78e3

MITRE ATT&CK Matrix

Tasks