Overview

overview

10

Static

static

10

1060-54-0x...ry.dll

windows7-x64

1060-54-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1060-54-0x0000000000030000-0x000000000003D000-memory.dmp

  • Size

    52KB

  • Sample

    221013-je5fnabch8

  • MD5

    c7c7a20a5f9235ef7742586ae74602e7

  • SHA1

    ea94d005d1af17e82220db2c456a5d7ae1f237c9

  • SHA256

    ee0d85cc092e42c775c174f337a3470bb070482bb5b3ef00abf714d85d0e3a33

  • SHA512

    4c69811908c0413d727f3061811547ebdd84973c417953a02bc5618f44cf8382653e1cb2543743da20e0a102bc3f59f3f7b8dd52a3e069d4d3b63c75a1470747

  • SSDEEP

    768:t810AE+LKbobvT34luMOY0/xvZyqFUfehkgrjVU58MgJXFlkq9k:tM0AE+LKbsc8BoqgeiejVU58MkTR9k

Score
10/10
gozi_ifsb10103

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1060-54-0x0000000000030000-0x000000000003D000-memory.dmp

    • Size

      52KB

    • MD5

      c7c7a20a5f9235ef7742586ae74602e7

    • SHA1

      ea94d005d1af17e82220db2c456a5d7ae1f237c9

    • SHA256

      ee0d85cc092e42c775c174f337a3470bb070482bb5b3ef00abf714d85d0e3a33

    • SHA512

      4c69811908c0413d727f3061811547ebdd84973c417953a02bc5618f44cf8382653e1cb2543743da20e0a102bc3f59f3f7b8dd52a3e069d4d3b63c75a1470747

    • SSDEEP

      768:t810AE+LKbobvT34luMOY0/xvZyqFUfehkgrjVU58MgJXFlkq9k:tM0AE+LKbsc8BoqgeiejVU58MkTR9k

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks