gozi_ifsb | 54eed1d4eb8679e67541c1102e743a1d636b90860bdea3ace0e9fd7a2d4309ee | Triage

Sharing

General

Target

c6a0000.dll
Size

227KB
Sample

220803-q41mbscgbm
MD5

dc0242b15c433ce34164bc39bac1534f
SHA1

26e1f261c95841e4a4ba71fb909f567fabd86ccb
SHA256

54eed1d4eb8679e67541c1102e743a1d636b90860bdea3ace0e9fd7a2d4309ee
SHA512

476168fd539af683d361ac710d98db232df82984db0937823c8036f7efdebe1f2f81ecebe56a1f35abb7f21575a9c10537144e74a979485b8458028a4c78aa69

Score

10^/10

gozi_ifsb 11111

Malware Config

Extracted

Family

gozi_ifsb

Botnet

11111

C2

trackin1g-protection.cdnn.mozilla.net

176.10.119.80

194.76.224.245

31.214.157.77

chnkdgpopupser.at

185.158.250.220

185.158.250.234

194.76.224.181

Attributes

base_path
/fonts/
exe_type
worker
extension
.bak
server_id
50

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  c6a0000.dll
- Size
  
  227KB
- MD5
  
  dc0242b15c433ce34164bc39bac1534f
- SHA1
  
  26e1f261c95841e4a4ba71fb909f567fabd86ccb
- SHA256
  
  54eed1d4eb8679e67541c1102e743a1d636b90860bdea3ace0e9fd7a2d4309ee
- SHA512
  
  476168fd539af683d361ac710d98db232df82984db0937823c8036f7efdebe1f2f81ecebe56a1f35abb7f21575a9c10537144e74a979485b8458028a4c78aa69
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2