General

  • Target

    1408-57-0x00000000001C0000-0x000000000022E000-memory.dmp

  • Size

    440KB

  • Sample

    220707-wfsvgafeg3

  • MD5

    9353b8464534a077e1023295e22276dc

  • SHA1

    ee5fd74d331fb5faffb4ac54bb031c683eff2f3c

  • SHA256

    c8ffba454a1a71f8b5635cd387ab53ed6ecab7102665581a0839403dca0f7bda

  • SHA512

    864296da41118aa9508c5a7ccfd98242d714b188df96a32d40877c85e9f04b71bbe28438be3bc6913404da8858968927d01b06c88ef0a4ffa01292c556c96f26

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

79.110.52.164

79.110.52.97

Attributes
  • base_path

    /drew/

  • build

    250239

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1408-57-0x00000000001C0000-0x000000000022E000-memory.dmp

    Score
    3/10
