Overview

overview

10

Static

static

10

c2a0000.dll

windows7-x64

1

c2a0000.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c2a0000.dll.exe

  • Size

    227KB

  • Sample

    220919-rzqf8sdbb2

  • MD5

    5ad9a1a99981dee942fb86d3666b22b5

  • SHA1

    230f7c2678967aaaecc0d7c12a6773d80dc33a98

  • SHA256

    33d6c2bf629e34d4f11f3c680a3ef60501769dbdac658e3a4a119d5ac81bff79

  • SHA512

    bf63ef19157479a355cd34fb8e71af5b6002e6188a00361c460a6d9373c610d317faaaa60cdfa3f495aba42816b35270779a80984425328c7a2337ed51240b43

  • SSDEEP

    3072:NlfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqAFw5VgCK5hcj3pxJFoc:NlDosEPR66q9KgylInd6oqAFD5unFoc

Score
10/10
gozi_ifsb40000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

40000

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • exe_type

    worker

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      c2a0000.dll.exe

    • Size

      227KB

    • MD5

      5ad9a1a99981dee942fb86d3666b22b5

    • SHA1

      230f7c2678967aaaecc0d7c12a6773d80dc33a98

    • SHA256

      33d6c2bf629e34d4f11f3c680a3ef60501769dbdac658e3a4a119d5ac81bff79

    • SHA512

      bf63ef19157479a355cd34fb8e71af5b6002e6188a00361c460a6d9373c610d317faaaa60cdfa3f495aba42816b35270779a80984425328c7a2337ed51240b43

    • SSDEEP

      3072:NlfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqAFw5VgCK5hcj3pxJFoc:NlDosEPR66q9KgylInd6oqAFD5unFoc

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks