gozi_ifsb | d622b3fa4d9db13eda3872919fef4285547af86ed38f6b51afeb412535b25003 | Triage

Sharing

General

Target

f3a0000.dll
Size

227KB
Sample

220811-qdr79sfeek
MD5

feb84f9cd92f37d2dfa3f3bde5c8d9b8
SHA1

cf38b80db8f138c9d13612adca3cca8c9f1fa558
SHA256

d622b3fa4d9db13eda3872919fef4285547af86ed38f6b51afeb412535b25003
SHA512

f261e5b09540be0593402c1a67c21fb80b473659d4d56ad3a0d6617711ac95ab9637b2566417f40181cd7d0ff2d0f7f743a79df066f904a8e16e2968d28f0f21

Score

10^/10

gozi_ifsb 11111

Malware Config

Extracted

Family

gozi_ifsb

Botnet

11111

C2

trackin1g-protection.cdnn.mozilla.net

176.10.119.80

194.76.224.245

31.214.157.77

chnkdgpopupser.at

185.158.250.220

185.158.250.234

194.76.224.181

Attributes

base_path
/fonts/
exe_type
worker
extension
.bak
server_id
50

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  f3a0000.dll
- Size
  
  227KB
- MD5
  
  feb84f9cd92f37d2dfa3f3bde5c8d9b8
- SHA1
  
  cf38b80db8f138c9d13612adca3cca8c9f1fa558
- SHA256
  
  d622b3fa4d9db13eda3872919fef4285547af86ed38f6b51afeb412535b25003
- SHA512
  
  f261e5b09540be0593402c1a67c21fb80b473659d4d56ad3a0d6617711ac95ab9637b2566417f40181cd7d0ff2d0f7f743a79df066f904a8e16e2968d28f0f21
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2