General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    220809-pht2zsabcl

  • MD5

    e36a2ad652142295d4a83f009597e897

  • SHA1

    3ac847fdf1889ee87b60af6cf0ef7a6535785156

  • SHA256

    d312a673f75b4f7b6ed96b7d0da28e0da41f191807af6541c84da85a56bb4134

  • SHA512

    1764400f84cf451e29583c161a0cf7901ccf45aa4b7f7dfef5ac17e3590fc98215ad8ccad69012a74e2f8eaf0f4d7153e12de16815bf46941b70a826eaea41c3

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

79.110.52.8

79.110.52.80

193.106.191.163

Attributes
  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    Score
    1/10
