Overview

overview

10

Static

static

10

51f0000.dll

windows7-x64

1

51f0000.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51f0000.dll.exe

  • Size

    227KB

  • Sample

    220926-rad2xabac2

  • MD5

    1eed97b02e792dc7bee2949d26dc6d6a

  • SHA1

    e8d8733502980550a6d067530b71a46a13a37ba9

  • SHA256

    0f24c819947ad410e0d85d41218f8a940317aeebbac32630fb29ac5917c4ca46

  • SHA512

    65e29fd6bbb0f203b2acaed3af184f8781b06119e52fc13f3342ddd6cbc34edd58c5a842692c820a17fb18f2cf991721e3680daba285427476f3c0a0b167568b

  • SSDEEP

    3072:UlfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqAdw5VgCK5hcjxOxJFocW:UlDosEPR66q9KgylInd6oqAdD5DnFoc

Score
10/10
gozi_ifsb10103

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • exe_type

    worker

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      51f0000.dll.exe

    • Size

      227KB

    • MD5

      1eed97b02e792dc7bee2949d26dc6d6a

    • SHA1

      e8d8733502980550a6d067530b71a46a13a37ba9

    • SHA256

      0f24c819947ad410e0d85d41218f8a940317aeebbac32630fb29ac5917c4ca46

    • SHA512

      65e29fd6bbb0f203b2acaed3af184f8781b06119e52fc13f3342ddd6cbc34edd58c5a842692c820a17fb18f2cf991721e3680daba285427476f3c0a0b167568b

    • SSDEEP

      3072:UlfGqwJTeTEom3lIkR2SCD6q9KgyItk78mV0dfgxT/cqAdw5VgCK5hcjxOxJFocW:UlDosEPR66q9KgylInd6oqAdD5DnFoc

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks