General

  • Target

    1772-57-0x0000000010000000-0x000000001000E000-memory.dmp

  • Size

    56KB

  • Sample

    220826-k8eyjaacgm

  • MD5

    3504d6fa23c87efcb83529b56000a9f6

  • SHA1

    a5b2d092edab826f3c50675e3d99a0b6593dbfa0

  • SHA256

    d81623caed1fa8cc7a023e20774ca7c0a19278aa496c5fe9c008646b59f5b2cf

  • SHA512

    da5059eb9d3a27177662f0ebddad031573d4169be3abaca9cf959bf1fb51a9c1479917a1b6a4bc43beec91e2477c5aef229f65eace8696866f5f5944fe88aa1a

  • SSDEEP

    768:A2rrU7eukUXM7d6VvW/yCdcNtW2RTYBfx6w39rDE3Lkjx2K/ZK38udM:BaeuZM7Ms/XdeD8B56w39HE384h38k

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

3000

C2

config.edge.skype.com

superstarts.top

superlist.top

internetcoca.in

193.106.191.163

Attributes
  • base_path

    /drew/

  • build

    250240

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50


Targets

    • Target

      1772-57-0x0000000010000000-0x000000001000E000-memory.dmp

    Score
    3/10
