gozi_ifsb | fcad6121e5a3620399acc0b34c9ecaf5e70098464455f8e7a0decd7bb038a69c | Triage

Sharing

General

Target

0d6014f1d2487230c3bb38f31d2742577f84fd2f2e0d97be5fb9cf28b7ab6de9_unpacked_dropper
Size

82KB
Sample

221026-3w2wmsaagr
MD5

f2edc07f72b81b98bb10f694d13727ac
SHA1

38bdc31f7a9fafe0ff8a634380008dc6b1607cec
SHA256

fcad6121e5a3620399acc0b34c9ecaf5e70098464455f8e7a0decd7bb038a69c
SHA512

e58163f222e77ffa4cb7269dde011262f6fe9005706307c0c9270d660127571b889c3050901c0a8f040bcfb4666f7b1be78721f134d7c7f16cb2ef24fdf17607
SSDEEP

1536:C3N7xabOVqV+DmSAnfGcNrVaQY++QU1w920mdrixZ2Gj1BSiCJdwSl0J:Um1wDmZnfGcNkF++Z1i5PxZNj1QrdwSl

Score

10^/10

gozi_ifsb 1091

Malware Config

Extracted

Family

gozi_ifsb

Botnet

1091

C2

pop.project-ip.co.uk

Attributes

exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  0d6014f1d2487230c3bb38f31d2742577f84fd2f2e0d97be5fb9cf28b7ab6de9_unpacked_dropper
- Size
  
  82KB
- MD5
  
  f2edc07f72b81b98bb10f694d13727ac
- SHA1
  
  38bdc31f7a9fafe0ff8a634380008dc6b1607cec
- SHA256
  
  fcad6121e5a3620399acc0b34c9ecaf5e70098464455f8e7a0decd7bb038a69c
- SHA512
  
  e58163f222e77ffa4cb7269dde011262f6fe9005706307c0c9270d660127571b889c3050901c0a8f040bcfb4666f7b1be78721f134d7c7f16cb2ef24fdf17607
- SSDEEP
  
  1536:C3N7xabOVqV+DmSAnfGcNrVaQY++QU1w920mdrixZ2Gj1BSiCJdwSl0J:Um1wDmZnfGcNkF++Z1i5PxZNj1QrdwSl
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2