General

  • Target

    29ef3f52428c2269c219a026c6e72c8cf3cf8e82b527993543cf141fdc1d91a3

  • Size

    215KB

  • Sample

    220615-jhx6ragbc8

  • MD5

    989eb9c6f7300c816c7263363e101b7a

  • SHA1

    08146b31e8133bb5dd8a66bbdd3a459ad2463422

  • SHA256

    29ef3f52428c2269c219a026c6e72c8cf3cf8e82b527993543cf141fdc1d91a3

  • SHA512

    9b9a422d0145aeb22662462ecd20aca0758655b5a135cf01b133c709a024521ac57c3b97d1e9b371e4b8d8c0927544be6e3c75dde6093711f71289f027f229b8

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    215165

Extracted

Family

gozi_ifsb

Botnet

3153

C2

biesbetiop.com

kircherche.com

toforemedi.com

Attributes
  • build

    215165

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      29ef3f52428c2269c219a026c6e72c8cf3cf8e82b527993543cf141fdc1d91a3

    • Size

      215KB

    • MD5

      989eb9c6f7300c816c7263363e101b7a

    • SHA1

      08146b31e8133bb5dd8a66bbdd3a459ad2463422

    • SHA256

      29ef3f52428c2269c219a026c6e72c8cf3cf8e82b527993543cf141fdc1d91a3

    • SHA512

      9b9a422d0145aeb22662462ecd20aca0758655b5a135cf01b133c709a024521ac57c3b97d1e9b371e4b8d8c0927544be6e3c75dde6093711f71289f027f229b8

MITRE ATT&CK Matrix

Tasks