General

  • Target

    62fff09cd4239.pdf

  • Size

    586KB

  • Sample

    220817-z4fftsfgf3

  • MD5

    e883661d38f25d89f9ae87d88324ec53

  • SHA1

    2405e1f20caac9adc827aa13cc312e4c83231204

  • SHA256

    899718beec2df6d768081954dabec9407c79a51c807b80d69e1a4ff7cdea2629

  • SHA512

    adfd142ec4f7adafc1910b9aa63f4d900227d00dffbb88dddd847c7596a82d68d8700c725149db953b6fbeef56b60a1a7ed81dfbaa59089c950ded72d0f7c33f

  • SSDEEP

    12288:aITYeIRflZBulOalcmLRcQqa8Z+R87Rk4QX2Z5+6Tqb6MJfi0xgQW2uPXtc06:7IR3JmL5m+RJ2nm40xU2uFK

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

superstarts.top

superlist.top

internetcoca.in

193.106.191.163

Attributes
  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
