General

  • Target

    bubble_extracted.7z

  • Size

    1.4MB

  • Sample

    250424-yx3r4syjw7

  • MD5

    90c60556d3c607805fd86b1a5ea635ac

  • SHA1

    ae7ae220b02b9475822d5ba8727a3210332e82ca

  • SHA256

    be77d8d3e23e4d5c96d8281162daa7554eef1683a5d5c9d8aa03454734ebb109

  • SHA512

    889b5813b28d52f85e9eeb4a8ad6a2639bb9754b3e7d089c99208f16e2cedf2fb80b707a571ddff1e9ff5e29f2822224ace75b3877e1434cbef86995b621892f

  • SSDEEP

    24576:mM+VNbszISF1byxG7mCgnG5YtyOGvq7V5BcZZBjCCXKvG7RF/EqHYN2UA3Zeh:mwcu1byw7mCgnG5GyjivoC8EORF/E0K9

Malware Config

Extracted

Family

gozi

Extracted

Family

purecrypter

C2

https://cdn.discordapp.com/attachments/1000747213397426258/1003112003574956072/upd_Awqcktbs.jpg

Targets

    • Target

      05d48395-837a-49fa-8170-a9b789370bbe.dll

    • Size

      7.3MB

    • MD5

      b23bad75a7e05cef79beca5e83ab8430

    • SHA1

      49915b2248277bcdcc630cd917c7b24b6c21ef31

    • SHA256

      f5dc50444057a586ff44c3c6f84a213531ab9f115fd05d7bc321b17a54f9a4e1

    • SHA512

      540ae85e69ff63a97dafde813bbaf1256e0c87b1a58b8768277f74d8bb73786b151df29f823788b036832d4c29d4cbd6193e77260c6721cfffc7cfc4685cd872

    • SSDEEP

      98304:adDTHppTQBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYW2b/i2BoWow//:yM2PrW2UsCX+H

    Score
    1/10
    • Target

      Newtonsoft.Json.dll

    • Size

      678KB

    • MD5

      8a5e8bb8e0caad41d88c75223009f110

    • SHA1

      cddad5b3b761f8a6762b9ba6e5a5526d49c91339

    • SHA256

      57ed3a8b06c3ee40450d175eae8058edd164c20e95644614cc497cefdea01a00

    • SHA512

      5a3a3adf0d40747f0cfa3348248b44033bd5f231031c8b8a3cc0d8c9dd71e9d4d3967c84bd1c38a8741904a76e7963096948dde8d71d2362824d11056b9fc26e

    • SSDEEP

      12288:U9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3:U8m657w6ZBLmkitKqBCjC0PDgM5

    Score
    1/10
    • Target

      ReaLTaiizor.dll

    • Size

      6.1MB

    • MD5

      a5fc49ea61764ff45785f80144f7fa5d

    • SHA1

      65e04e43e541b3a486e223b092fe87da7491055c

    • SHA256

      d02c6aee20d595fe56d764ac36f287d9f38192eda22c3918d2700b76fb1f01e3

    • SHA512

      d16c16dfa71dc511b8a51663a834629c9d07e8cd6b1fab24f651c6a7a3b76ee01a949bb7e638042a5b66d4f3c3d25583cd5f583f57b8cf830de760159c0bb9a9

    • SSDEEP

      98304:mdDTHppTQBzjYz067yqu/mnFQOi33nFbO4KSgPTPgS8NAvKBUuYW2b/i2BoWow/0:eM2PrW2U

    Score
    1/10
    • Target

      SevenZipSharp.dll

    • Size

      147KB

    • MD5

      05c9849856abc683bcbc5c8d7921c146

    • SHA1

      ad8ec49116b026eee2dd04d6434ede7ddce9734d

    • SHA256

      49284b31f28d0a62d797cfcf17f464c8c2b22b29d0e8ab7c15c94724d83e595c

    • SHA512

      c0bfb5d987fe06eba3a7b0f0c73e24cc74935a8d1efd8a79d64b36c56d498532e453049715fb8c1509eda50a0a2f1213ce67d1edaf6bfcb200e0be58af67ea5e

    • SSDEEP

      3072:auMYWaB5+DBS4+aYX/PzJiXyjdZXUtd6uEhd/yZcvdUCG:auMYD7gJY1iXyjb

    Score
    1/10
    • Target

      upd.exe

    • Size

      141KB

    • MD5

      f45d7b351cc6417da06c7cd9247df80d

    • SHA1

      a3c07f5e38456ffb0545c0bd85444d89ce972e9f

    • SHA256

      4dc32bf8f52a30c9c30e876afeeb1621f0028222e6f194c95a72926fd1b2c259

    • SHA512

      5cb78c2b6d79b4873a63b213dfea8b660c541bce8310f3c8cc6fab1df1bbf9dc036c5fbff7d366e398c542d1c119236f9a3cfccd9ad36ff59bbf6ee1a04183da

    • SSDEEP

      3072:Lyts26Q/bJveWDpppppppppppppppppppppphxM+Dxr:WC2ispppppppppppppppppppppFM+Dx
