General

  • Target: 630f23ca5e1d5.tiff
  • Size: 602KB
  • Sample: 220831-kz7l7acaaj
  • MD5: dbb163ff1f8a62d881ca77da21c0a83f
  • SHA1: a2d98114e33d3076327bf4f17a39ca5df8edf741
  • SHA256: 31694d718c2774ef72812a9b7d267e6b56be863db115ee3c5f648441089d11f3
  • SHA512: 24424c88faac8af867a6d146c108cb78543fdee517c66274482bde61fe1d937c4b2d30e7ead6ed46881cb9ecd40c404d90a934dd6b1086ffc8de69c57e3d3458
  • SSDEEP: 12288:4RI+4sEF5wcH9seTP1GQn1WHhu67jd23ctEjBx/2g99:4R7u/wcH9seTdJn6VQcSj//199

Malware Config

Extracted

  • Family: gozi_ifsb
  • Botnet: 3000
  • C2:
      config.edge.skype.com
      superstarts.top
      superlist.top
      internetcoca.in
      193.106.191.163

Attributes

  • base_path: /drew/
  • build: 250240
  • exe_type: loader
  • extension: .jlk
  • server_id: 50

rsa_pubkey.plain
aes.plain

MITRE ATT&CK Matrix

Tasks