Overview

overview

10

Static

static

10

51b0000.dll

windows7-x64

1

51b0000.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51b0000.dll.exe

  • Size

    227KB

  • Sample

    220926-mjs5zaadh3

  • MD5

    094f41bc4ba276ef66971ddd35c63365

  • SHA1

    3aefe72b7f7e4aef5c68c1c5ca60ffa25071984d

  • SHA256

    857ea4a7ea0b6903992bc62853453e780b8e8e6af87daa574660be322473b9fc

  • SHA512

    48d25444b580cca73dfaa6584096e51154f3116c784d1bdb0ed9ec86d6be0fd4df8a0a613155ba5bce739420f5a6dbec31173fc76a2e9cb4994e3e681faea8b5

  • SSDEEP

    3072:UlfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqAlw5VgCK5hcjgSxJFocW:UlDosEPR66q9KgylInd6oqAlD5OnFoc

Score
10/10
gozi_ifsb10103

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • exe_type

    worker

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      51b0000.dll.exe

    • Size

      227KB

    • MD5

      094f41bc4ba276ef66971ddd35c63365

    • SHA1

      3aefe72b7f7e4aef5c68c1c5ca60ffa25071984d

    • SHA256

      857ea4a7ea0b6903992bc62853453e780b8e8e6af87daa574660be322473b9fc

    • SHA512

      48d25444b580cca73dfaa6584096e51154f3116c784d1bdb0ed9ec86d6be0fd4df8a0a613155ba5bce739420f5a6dbec31173fc76a2e9cb4994e3e681faea8b5

    • SSDEEP

      3072:UlfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqAlw5VgCK5hcjgSxJFocW:UlDosEPR66q9KgylInd6oqAlD5OnFoc

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks