General

  • Target

    c768e4a2cd9da523a239b8a7062153649b2d7d4b9785907afc6e2ca157d17a9a.exe

  • Size

    364KB

  • Sample

    241217-b7scssxncj

  • MD5

    6478992f1af7079de4d49706e7c74051

  • SHA1

    9168125bc5b481dceb64b34abcbbbe193013e80d

  • SHA256

    c768e4a2cd9da523a239b8a7062153649b2d7d4b9785907afc6e2ca157d17a9a

  • SHA512

    0f8ec9fdf477e182366ab6b372d8308e3ff829dc18aaa84877954444e9d1256b514bef904efe76d82c226f57186fd103254e7a6e7fb4c7291d6e030256142ec1

  • SSDEEP

    1536:cUzXF8CvrJ4PBhDP35o6hlGlProNVU4qNVUrk/9QbfBr+7GwKrPAsqNVUg:cUh8k6DP3C6hsltOrWKDBr+yJbg

Malware Config

Extracted

Family

berbew

C2


Extracted

Family

gozi


MITRE ATT&CK Enterprise v15

Tasks
