General

  • Target

    7a776a85dac4805fc5e0dd4ba9be866667bbbce1591ba15c4f4d480911c29361

  • Size

    372KB

  • Sample

    220725-c8ry4abdg9

  • MD5

    439c4f722b230433a4571ff448105742

  • SHA1

    7a005af470fca578438f774b1604eed07fdde1c9

  • SHA256

    7a776a85dac4805fc5e0dd4ba9be866667bbbce1591ba15c4f4d480911c29361

  • SHA512

    4c9d9ef7ddee6f92746c3adfac45d08c803df7d5317c8846a722b8c64b3bd23fb0b85f0ef7aef8a99c43b43954d1a51bd92e14d5cca8c80363d4ea545b858d11

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    214062

Extracted

Family

gozi_ifsb

Botnet

3181

C2

bm25yp.com

xiivhaaou.email

m264591jasen.city

Attributes
  • build

    214062

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain
