General

  • Target

    2892-5-0x0000000000400000-0x000000000040F000-memory.dmp

  • Size

    60KB

  • Sample

    231001-z6vzasfd69

  • MD5

    3ac417f820dfad7a1df7ea5de2e28ae2

  • SHA1

    8966f78ce293318da80b2ed53b39c85590c91238

  • SHA256

    0d8b0ed8c0ad00b89c6ec376300ec3809f82d5d143c55a287df351f09ff73d6a

  • SHA512

    c455a3f1863acba478422203409addbd2bcae93735cfc364911fab593a54bac7814f7084fd28b455d2d5edf5a9905ed16b9a596bf12352008d1e9ed214363ffa

  • SSDEEP

    768:iA3rPI5jShpW1vxwlZjyY8Kl7aQixYgxYJmv0NHY7lbjNltdX20JC:B3rPI5jSu1CZjLVJaf3C7YJj3HG0JC

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

netsecurez.com

whofoxy.com

mimemoa.com

ntcgo.com

Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      2892-5-0x0000000000400000-0x000000000040F000-memory.dmp

    • Size

      60KB

    Score
    1/10
