Resubmissions

26-08-2022 11:15

220826-ncp1eacfc5 10

25-08-2022 17:23

220825-vyf3yshad7 10

General

  • Target

    Desktop.zip (1).zip

  • Size

    279KB

  • Sample

    220825-vyf3yshad7

  • MD5

    64a3b0475b821411e7ba31502c835196

  • SHA1

    22c82fd801adad9139a32f0913243f74bf9d629d

  • SHA256

    687101a8185f9901ac1551dcedfc53d26788b2bb23dfda53ce4a129a68f5aeb5

  • SHA512

    7142e7959446aa54735f489b45577066a888b7e4a401147e1ce8c33689096876519f33ea7534a47f6fd114131336bea409382a695cdf70dc6e922e13ccada1e0

  • SSDEEP

    3072:9JpER9+fW5MVSFCFITDXZxcXqpA/oUi9kZr7GHCWvFYOs3DbN+z55WvDglZ2WRQG:XmR9X2fqyXzKSRtgODECv0lZ///eUd

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

superstarts.top

superlist.top

internetcoca.in

193.106.191.163

Attributes

  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      6805859.lnk

    • Size

      1KB

    • MD5

      a747f793985579f55849f6243bc3e3ef

    • SHA1

      725eb34f32a53eaa4b6342f5e79cdb024ec54a2a

    • SHA256

      20154dc814581dd0f74887a02b617404b63f288e98e99fb40e6bf5a0715602cb

    • SHA512

      45deead4a8db0e191df71769797d87712404b7b49d4aa4d37d93f4cced5f511da948ce880eed9b81cb23c386ead2507db73cf6f62d5ffbcbac4c4efb59b2456d

    • Score

      3/10

    • Target

      me/123.com

    • Size

      60KB

    • MD5

      d0432468fa4b7f66166c430e1334dbda

    • SHA1

      f72d978f4d1ca1c435b1164e7617464cc06a9381

    • SHA256

      7d99c80a1249a1ec9af0f3047c855778b06ea57e11943a271071985afe09e6c2

    • SHA512

      c6db867f1a240b0524d5854516d36bedf220f256ca0bde5f3529586e83dd52b5ecd4e1e1b89b54f67b117879deb2d51310e9151b3c29836de99f7ae89e24da69

    • SSDEEP

      768:pxwG48P6ESdJHC4F8t1gkXDXmekVZRNbSEln5IyYpamDjobj8SSa:n942hIpitWumbZR/ln5IUmDjoXb

    • Score

      1/10

    • Target

      me/itFind.js

    • Size

      390B

    • MD5

      def2300f4d4c1cdd85142565abce5af3

    • SHA1

      df24fd05b32147577979ed0250ad06d711144e7e

    • SHA256

      be2cc454d8b1490bfb07d961fc8ab662de0f63cfdb3947b0d702263046e9f079

    • SHA512

      045d6a1a783e63894b030f2e76933dc8c1302b4b746b2c89d6bf37a6f899733541593eb6fdd5f32164ad4c77a1fb03c36323b2677a2367cb109478600a9a314c

    • Score

      1/10

    • Target

      me/manIf.db

    • Size

      351KB

    • MD5

      60375d64a9a496e220b6eb1b63e899b3

    • SHA1

      d1b2dd93026b83672118940df78a41e2ee02be80

    • SHA256

      8e570e32acb99abfd0daf62cff13a09eb694ebfa633a365d224aefc6449f97de

    • SHA512

      94dd11ffac54db7301572688958a7e8c0a8486a614370dc5e78a0148c31bfbdc856dc8313ea8b06e0ed6d7e57b45e649af72bba56723b96e1269dfec5e0dcc5f

    • SSDEEP

      6144:S5UwskH5M4JuJAGEshm9uu7tDC/vjalCX6hBydwErnZJ2hVmv3Itrfq/mENG1w2O:oUwJHGYTZhVyYtmNNEw2nSl5rrPZh5Mx

    • Target

      me/ourGo.bat

    • Size

      74B

    • MD5

      c70eac381a08e30017cd6837ad158c66

    • SHA1

      989bff66efbc897a36af0572ba37c8682302ac20

    • SHA256

      fd5d49a3af1052557264c10351b8ba6df5ac5cc0949a186c6c6f9e578eea8d16

    • SHA512

      9f3c4227839437c7ca1cd7e22397001b23be8a342df70eb76aa810e373623d6101bd9bc131791ab268a7abca415dcd564a427a3f855040fc8dd84104f13e7972

    • Score

      1/10

MITRE ATT&CK Enterprise v6

Tasks