Overview

overview

10

Static

static

10

2024-57-0x...ry.dll

windows7_x64

3

2024-57-0x...ry.dll

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-57-0x0000000000750000-0x00000000007BD000-memory.dmp

  • Size

    436KB

  • Sample

    220629-t28fyabbaq

  • MD5

    af51edd4c98a2b4b96d90551d8891de1

  • SHA1

    2abb61ce7488c0c6d015e64420e0d5bfa1e38232

  • SHA256

    1283544ad8fb33f3702b690f43c3a8d47f643a19b5a014bcbcee9a88e5f653bb

  • SHA512

    4443df4823f1a7eac4be6f7cdb039ba2d6b56dcf95f72409a66c966baadb6c70895fd0f73fa3886ead891f48fd56e440a32e9c7ea3fd2e3dd83a0045f6c160cb

Score
10/10
gozi_ifsb3000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

194.76.225.112

194.76.225.113

46.21.153.203
Attributes
  • base_path

    /drew/

  • build

    250239

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      2024-57-0x0000000000750000-0x00000000007BD000-memory.dmp

    • Size

      436KB

    • MD5

      af51edd4c98a2b4b96d90551d8891de1

    • SHA1

      2abb61ce7488c0c6d015e64420e0d5bfa1e38232

    • SHA256

      1283544ad8fb33f3702b690f43c3a8d47f643a19b5a014bcbcee9a88e5f653bb

    • SHA512

      4443df4823f1a7eac4be6f7cdb039ba2d6b56dcf95f72409a66c966baadb6c70895fd0f73fa3886ead891f48fd56e440a32e9c7ea3fd2e3dd83a0045f6c160cb

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks