General

  • Target

    b4b08f943c35ef4fe663993b6bf2f5e1bd16154c

  • Size

    190KB

  • Sample

    221006-2d7hqsbaa6

  • MD5

    2f01cb33eae986da5f04044ca3aac9f0

  • SHA1

    b4b08f943c35ef4fe663993b6bf2f5e1bd16154c

  • SHA256

    078fcae3c1d78cbae021671a9c488c4d7a2ff6109f66d7b7033b0b4ab29ea66b

  • SHA512

    fc00f744e643903622ab97f379438da2950b1b21687ae6f72673e4ab3ec11a8c2a1f301bdbc2df37d626ed5ce897332b05bc098874e35aae521d84e5de0bba7a

  • SSDEEP

    3072:htU0dR25AJZ/XfH1QZbjyjOqx8DwPxAoCoWev+50qzGgcjk5+nL4Km0aJ:rU0nEaZ/XfH1QZiLxGUxA3opv+51cQ0O

Score
10/10

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1001

C2

karmanskietornshkievar.net

bjasneujqwhasdnqweqwe.com

Attributes
  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    worker

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      b4b08f943c35ef4fe663993b6bf2f5e1bd16154c

    • Size

      190KB

    Score
    1/10
