General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    220803-lktbpahff2

  • MD5

    3a8f2a2d40f118146d8d3f2f42315739

  • SHA1

    3b4ef4c3a1a3c6d6aa0ab9006952b5bb8fa73749

  • SHA256

    ae9f0663e71d68075993bb8b1576bdc7b7497782ec34741b150c8937f00cc3f4

  • SHA512

    df85bf5f327d0bae6e061c7c6182e99170d66107066256928b4dd4b7af1fcb02fa96b4f43bbca0e97654db11d1bce2b7b468601b4190288a36efcaf013e5f27d

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

37.120.206.71

37.120.206.84

193.106.191.163

Attributes

  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      3a8f2a2d40f118146d8d3f2f42315739

    • SHA1

      3b4ef4c3a1a3c6d6aa0ab9006952b5bb8fa73749

    • SHA256

      ae9f0663e71d68075993bb8b1576bdc7b7497782ec34741b150c8937f00cc3f4

    • SHA512

      df85bf5f327d0bae6e061c7c6182e99170d66107066256928b4dd4b7af1fcb02fa96b4f43bbca0e97654db11d1bce2b7b468601b4190288a36efcaf013e5f27d

    Score
    1/10

MITRE ATT&CK Matrix

Tasks