General

  • Target

    https://suakhoaketsattphcm.com/filial/impresa.zip

  • Sample

    230316-h27zmabh8s

Malware Config

Extracted

Family

gozi

Botnet

7714

C2

checklist.skype.com

5.44.43.17

31.41.44.108

62.173.138.213

109.248.11.174

Attributes
  • base_path

    /drew/

  • build

    250255

  • exe_type

    loader

  • extension

    .jlk

  • server_id

    50

rsa_pubkey.plain
aes.plain
