General

  • Target

    828-62-0x0000000000400000-0x000000000058C000-memory.dmp

  • Size

    1.5MB

  • Sample

    220925-q6dwcagbdq

  • MD5

    f24ed3b87d1f6723ed13a3c8eaed380c

  • SHA1

    863f76afda088a75e832d97e847688e53f2b4a6e

  • SHA256

    83e1b1b3d1189cabf6e2e29186108b9bb21db204fed16ebdea2e728bcd597e5c

  • SHA512

    66b6674a42e237c5df49d6c8d3ac236634f00ae3a86b984d1d53daabce9fa4f4400bc1f683aadb881930d2587ff5b2ad332ea4a076a2a8e5a18181df90ea9ef1

  • SSDEEP

    3072:8LHdqll4OMq2LpeReS2+sm5wzrngB90nGVf2f1tI82B8OFrfg6/PkIXx:8rdqL4OM1L0RgP3gB98GVfwW

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

7777

C2

trackingg-protectioon.cdn4.mozilla.net

194.76.225.37

trackingg-protectioon.cdn5.mozilla.net

185.212.44.249

109.230.199.185

Attributes
  • base_path

    /fonts/

  • build

    250246

  • exe_type

    loader

  • extension

    .bak

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      828-62-0x0000000000400000-0x000000000058C000-memory.dmp

    • Size

      1.5MB
    Score
    1/10

MITRE ATT&CK Matrix

Tasks