General

  • Target: aa856dedda137f7419ecc36766ed74e3
  • Size: 300KB
  • Sample: 220803-wgvqfseghk
  • MD5: aa856dedda137f7419ecc36766ed74e3
  • SHA1: 59a685b1ddd500747678ed66ffdb1afadb7b8023
  • SHA256: 9ec85fa9097826fce61020be2f15ed01c320109c7ec3654c2a42b1b5c46b4b6f
  • SHA512: 60dcb99e96369c32fc8330570021225575b01c3e7b4ecd42554d0b5dbca2796cdb86f93630b32c836892b67a3b50ff8b7594cff43d02a85f8822beb638011fff

Malware Config

Extracted

  • Family: gozi_ifsb
  • Botnet: 3000
  • C2:
      config.edge.skype.com
      37.120.206.71
      37.120.206.84
      193.106.191.163
  • Attributes
      • base_path: /drew/
      • build: 250240
      • exe_type: loader
      • extension: .jlk
      • server_id: 50
  • rsa_pubkey.plain
  • aes.plain

Targets

  • Target: aa856dedda137f7419ecc36766ed74e3
  • Size: 300KB
  • MD5: aa856dedda137f7419ecc36766ed74e3
  • SHA1: 59a685b1ddd500747678ed66ffdb1afadb7b8023
  • SHA256: 9ec85fa9097826fce61020be2f15ed01c320109c7ec3654c2a42b1b5c46b4b6f
  • SHA512: 60dcb99e96369c32fc8330570021225575b01c3e7b4ecd42554d0b5dbca2796cdb86f93630b32c836892b67a3b50ff8b7594cff43d02a85f8822beb638011fff
