Overview

overview

10

Static

static

10

1396-57-0x...ry.dll

windows7_x64

3

1396-57-0x...ry.dll

windows10-2004_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1396-57-0x0000000000270000-0x00000000002DE000-memory.dmp

  • Size

    440KB

  • Sample

    220707-lnrl9sddf5

  • MD5

    ab893bed4a79c96d4693d74b6cf0fb92

  • SHA1

    35f126be5c87e90d3ea2f9fc92a63108d0aaa355

  • SHA256

    e69f03143b43e1c81faf7dc503efb6b514031c6c74d94661428aae489c6ad5b2

  • SHA512

    613b0c426e9be003745d29a6bc5c8c91307ae1bef1cbb37f0b00f553ce5a4053b6b8388153a17c381bdcd1fca4dd7221507a734cd7742af6480727368bacda93

Score
10/10
gozi_ifsb3000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

79.110.52.164

79.110.52.97
Attributes
  • base_path

    /drew/

  • build

    250239

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1396-57-0x0000000000270000-0x00000000002DE000-memory.dmp

    • Size

      440KB

    • MD5

      ab893bed4a79c96d4693d74b6cf0fb92

    • SHA1

      35f126be5c87e90d3ea2f9fc92a63108d0aaa355

    • SHA256

      e69f03143b43e1c81faf7dc503efb6b514031c6c74d94661428aae489c6ad5b2

    • SHA512

      613b0c426e9be003745d29a6bc5c8c91307ae1bef1cbb37f0b00f553ce5a4053b6b8388153a17c381bdcd1fca4dd7221507a734cd7742af6480727368bacda93

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks