General

  • Target

    68ea106b3ff0d710ee9af1271bb8af0636100691c1d08f45036f31a9e29ae688

  • Size

    244KB

  • Sample

    220812-brglcsehbn

  • MD5

    6aa21fb8fdf5ef60ba490420719903f5

  • SHA1

    75fa6c8b4494983066b553ff9b3e262bd81b2249

  • SHA256

    bf73958e0621f0240d547483379c8127573b89b992278c64217e472b793a875a

  • SHA512

    07177fd81a2854915b8473c0c6c1c063d538c842c18d603f756d7bc00b96ecc97787602dde1ae65b0bc4989962bb93ef7df9b3108314e70fd635afa128658d69

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

79.110.52.8

79.110.52.80

193.106.191.163

Attributes
  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      68ea106b3ff0d710ee9af1271bb8af0636100691c1d08f45036f31a9e29ae688

    • Size

      347KB

    • MD5

      ed375aaa5a4378c5b4c645da301a43f0

    • SHA1

      bd41b21b1b151e7cb29f129a883b97f2cd94cc21

    • SHA256

      68ea106b3ff0d710ee9af1271bb8af0636100691c1d08f45036f31a9e29ae688

    • SHA512

      e0926db1fd14df5fba630ce59ced0ab0a49ec402f38bace61b80742aaa9725ea37109dc9729249f341df858454a870dfb0ba74c7173d215579acbf264c0ffb6e
