General

  • Target

    5a390785c5c5147423e09a52ddaff3c95a20ceb872906e355d9a4a60651c3d49

  • Size

    485KB

  • Sample

    220802-ex4jvsbggk

  • MD5

    f95f6ce7275eedcd29308e7d5ee7a2d9

  • SHA1

    b202cf0cbb77a284f7be16c367b5cdd4b3ebcc75

  • SHA256

    5a390785c5c5147423e09a52ddaff3c95a20ceb872906e355d9a4a60651c3d49

  • SHA512

    4c072c3cc993610c1f4bc76018348c90a8f99a6cee5c0231e82c206cd1c4f2f680117ff2371d1b5dddef0e724ffeebb01460df3e76a41235340a63bf853a04d3

Malware Config

Extracted

Family

gozi_ifsb

Attributes
  • build

    215165

Extracted

Family

gozi_ifsb

Botnet

3140

C2

isatawatag.com

bosototsuy.com

atamekihok.com

Attributes
  • build

    215165

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

rsa_pubkey.plain
serpent.plain
