General

  • Target

    1056-57-0x0000000010000000-0x000000001000E000-memory.dmp

  • Size

    56KB

  • Sample

    220812-d1cpwaaec6

  • MD5

    3b5b79094a5f7d0d67e78e2bab398dc7

  • SHA1

    4819edc4cd27ff3988de924e469c5cfa111e2341

  • SHA256

    ece62bc799b2a2d166be9512a6b19fa529c10f954fbf726bcff953733346058e

  • SHA512

    3d9a61a2e8727b5f2cdeeba89b26433970276e0042c2f32d82bd09dae0b81857eb06af785c56b7fa208c6c633c7a4171e62a95a7e6e68d6971bc2e390b87df95

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

79.110.52.8

79.110.52.80

193.106.191.163

Attributes
  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1056-57-0x0000000010000000-0x000000001000E000-memory.dmp

    • Size

      56KB

    Score
    3/10
