General

  • Target

    92afccb1071aad0cf08b9116daa54d93a1e1767e09fd3c8192e577313b997b08

  • Size

    266KB

  • Sample

    220812-azyn6sechj

  • MD5

    c23f4f117eecc5d60c72ee0bb8bfbb29

  • SHA1

    3adf66c6629a001c6f32d8dbb496ecb942211e34

  • SHA256

    b2c2a3ec4991696c24d0fb3b8b9b12c7b1cd3f68826b457bc995007f06aae586

  • SHA512

    642cf8ade1b6d195984547af05e5dabcebd75edabfd67db46f567ef151eda2048c72af64cabceca6f7a4cb010aac9ef2a580eac38a5b13ef1b4caf952fddbfa8

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

79.110.52.8

79.110.52.80

193.106.191.163

Attributes
  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      92afccb1071aad0cf08b9116daa54d93a1e1767e09fd3c8192e577313b997b08

    • Size

      376KB

    • MD5

      ead9dccda0c952a77dfcbdab50f99f33

    • SHA1

      43361b1205a2642587c41da75708fd31b130d3e7

    • SHA256

      92afccb1071aad0cf08b9116daa54d93a1e1767e09fd3c8192e577313b997b08

    • SHA512

      09f88dd1d12d288ed283e41c7473d239d97d7f571f439a72c47173382e7f68e34e362926ed08bb4a04a9ca6c883924366a648169217ea60972f233369945fe00
