General

  • Target

    f3a0000.dll.exe

  • Size

    227KB

  • Sample

    220906-massvagdgk

  • MD5

    093e3e04badb64b09c6803ef152c7903

  • SHA1

    9a8d7e481878044d2ac73740406e0ea9d4e1c341

  • SHA256

    59aeca8691ad3ddf1ad2217938f543821179ba1bdb7190e50c3df8605314b549

  • SHA512

    bc4a3c2de3df59481acef8ef44c05e22035ce8ae5c1e04e2926ec0270995069cc912b9b718947a82a1bc02da3ecd356ae70138456e5d026c96fdc8be24aeca58

  • SSDEEP

    3072:X5hinZgCo+NjJWSsznC2OCyzjFIz4V1T/JDR1vHBB78C752cj2v5e:X+nZ1o+NJWbn2CMFIzSTRDR1vHR5u

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

11111

C2


Attributes
  • base_path

    /fonts/

  • exe_type

    worker

  • extension

    .bak

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      f3a0000.dll.exe

    Score
    1/10
