Overview

overview

10

Static

static

10

856-98-0x0...ry.dll

windows7-x64

3

856-98-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    856-98-0x0000000010000000-0x000000001000E000-memory.dmp

  • Size

    56KB

  • Sample

    221020-pjjmmsdcdk

  • MD5

    35e59796049240e60fc2191adf95a97e

  • SHA1

    802c6173aa9f19a996d9f819d1003a2bee0bdcc5

  • SHA256

    4e7cfe749a10d717f573b777b15adc8d63e9ecb32570bea3f6d2891d19210fb6

  • SHA512

    7250f4281a9674823d489121bf17fe82cf4dab052d1ef99ce11c1010ab8de4b39e57f3ef29dc765b5ae5d71bb9dadf14ca0948f52cfdc9cc439a51dbb20a6b0f

  • SSDEEP

    768:A2gGmsx3R69vK7vjyRpq63goMWPXE2bE/JVMq2LATqeeAeOu2D2wqmLiu6:KGBx3R6KApqlaPGhVMq2LpeReOb2Pmp

Score
10/10
gozi_ifsb5000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

5000

C2

config.edge.skype.com

onlinetwork.top

linetwork.top
Attributes
  • base_path

    /drew/

  • build

    250246

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      856-98-0x0000000010000000-0x000000001000E000-memory.dmp

    • Size

      56KB

    • MD5

      35e59796049240e60fc2191adf95a97e

    • SHA1

      802c6173aa9f19a996d9f819d1003a2bee0bdcc5

    • SHA256

      4e7cfe749a10d717f573b777b15adc8d63e9ecb32570bea3f6d2891d19210fb6

    • SHA512

      7250f4281a9674823d489121bf17fe82cf4dab052d1ef99ce11c1010ab8de4b39e57f3ef29dc765b5ae5d71bb9dadf14ca0948f52cfdc9cc439a51dbb20a6b0f

    • SSDEEP

      768:A2gGmsx3R69vK7vjyRpq63goMWPXE2bE/JVMq2LATqeeAeOu2D2wqmLiu6:KGBx3R6KApqlaPGhVMq2LpeReOb2Pmp

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks