Overview

overview

10

Static

static

10

worker_101...95.dll

windows7-x64

3

worker_101...95.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    worker_10101_b3fd0e697434b0d74adbae84edd1eb7bb4c5e81fcd39948f7189db50ae730295.bin

  • Size

    177KB

  • Sample

    221003-1gkygagegn

  • MD5

    f0321c409734231d4eaedf8bb0cd8a85

  • SHA1

    060ebe1a8eeb459f137d97d92bb3a307e69db1c0

  • SHA256

    b3fd0e697434b0d74adbae84edd1eb7bb4c5e81fcd39948f7189db50ae730295

  • SHA512

    1549b8d658811f7efc2c72f2caa51dc28f972df3634ad007431b20adb0a21ee22a633863adc0a9807670b4ca78df28b376d403252c6690d175967c1783c29c1f

  • SSDEEP

    3072:ZLQsLhnCYPu9BTqN+SxXZHz1/HfGBg2WbnV/Hm+CfbG5aX9S2CkcD2ff+4Bo:ekuX0tH9GLWbnVTCDG6Skc0+oo

Score
10/10
gozi_ifsb10101

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10101

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    worker

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      worker_10101_b3fd0e697434b0d74adbae84edd1eb7bb4c5e81fcd39948f7189db50ae730295.bin

    • Size

      177KB

    • MD5

      f0321c409734231d4eaedf8bb0cd8a85

    • SHA1

      060ebe1a8eeb459f137d97d92bb3a307e69db1c0

    • SHA256

      b3fd0e697434b0d74adbae84edd1eb7bb4c5e81fcd39948f7189db50ae730295

    • SHA512

      1549b8d658811f7efc2c72f2caa51dc28f972df3634ad007431b20adb0a21ee22a633863adc0a9807670b4ca78df28b376d403252c6690d175967c1783c29c1f

    • SSDEEP

      3072:ZLQsLhnCYPu9BTqN+SxXZHz1/HfGBg2WbnV/Hm+CfbG5aX9S2CkcD2ff+4Bo:ekuX0tH9GLWbnVTCDG6Skc0+oo

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks