Overview

overview

10

Static

static

10

56d0000.dll

windows7-x64

1

56d0000.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56d0000.dll.exe

  • Size

    227KB

  • Sample

    220922-rvpzxafdhl

  • MD5

    26abb2d99a0bd87e9f0b51b0d76eb923

  • SHA1

    79f331e299b807a54fedb672480e24c18a2970ea

  • SHA256

    94b45c633eefe632a81b5112561db3c2b7ad68b10db646462c3d05b03270e04f

  • SHA512

    48b0325e378631a536bed3abe9525024fb951d6a0564b602f03301b1f0f45f6715aef307ac9a304d985cb4319a2cdf47768633348897991d774533595cc8b4ee

  • SSDEEP

    3072:l5hinZgCo+NjJWSsznC2OCyzjFIz4V1T/JDR1vXBB78C752cjRI5e:l+nZ1o+NJWbn2CMFIzSTRDR1vXR5K

Score
10/10
gozi_ifsb10102

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10102

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • exe_type

    worker

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      56d0000.dll.exe

    • Size

      227KB

    • MD5

      26abb2d99a0bd87e9f0b51b0d76eb923

    • SHA1

      79f331e299b807a54fedb672480e24c18a2970ea

    • SHA256

      94b45c633eefe632a81b5112561db3c2b7ad68b10db646462c3d05b03270e04f

    • SHA512

      48b0325e378631a536bed3abe9525024fb951d6a0564b602f03301b1f0f45f6715aef307ac9a304d985cb4319a2cdf47768633348897991d774533595cc8b4ee

    • SSDEEP

      3072:l5hinZgCo+NjJWSsznC2OCyzjFIz4V1T/JDR1vXBB78C752cjRI5e:l+nZ1o+NJWbn2CMFIzSTRDR1vXR5K

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks