General

  • Target

    15f6b5a0000.dll

  • Size

    227KB

  • Sample

    220908-qdqpfaefd4

  • MD5

    10f6d9c12ed5367fa071d080080da14c

  • SHA1

    60e5fe882c800c90af192aefd83ffdffe15e89db

  • SHA256

    0e50c1ce3522fca4206c0ed3d4bd7ecebf821ba63da2bd7349e85e833083cee8

  • SHA512

    5c23bacf04f061fdbeb31579d8db0a000a8bc934598a4e590ca8bbb07bd689620c754d7eb2597ee94ca3d5e77c9d5f595c2e85afeaa45467bb1412f2808fb873

  • SSDEEP

    3072:Y5hinZgCo+NjJWSsznC2OCyzjFIz4V1T/JDR1v7kBB78C752cjmH5eM:Y+nZ1o+NJWbn2CMFIzSTRDR1vQR5qz

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1900

C2

apnfy.msn.com

194.76.225.61

185.212.47.186

45.11.180.215

45.11.180.219

Attributes
  • base_path

    /doorway/

  • exe_type

    worker

  • extension

    .drr

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      15f6b5a0000.dll

    Score
    1/10
