ioc[.]one - OSINT Cyber Threat Intelligence Database

Chapter 1 — From Gozi to ISFB: The history of a mythical malware family.

Tags

country:	Australia Canada Switzerland Colombia Germany Italy Japan Poland
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Direct Model Bootkit - T1542.003 Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Javascript - T1059.007 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vnc - T1021.005 Tool - T1588.002 Bootkit - T1067 Connection Proxy - T1090 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	6be417af-5661-4d7b-8f80-0ddaf6b15ed4
Fingerprint	263158f38da7c685
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 24, 2022, 9:13 a.m.
Added to db	Jan. 16, 2023, 3:52 p.m.
Last updated	Nov. 9, 2024, 6:09 a.m.
Headline	Chapter 1 — From Gozi to ISFB: The history of a mythical malware family.
Title	Chapter 1 — From Gozi to ISFB: The history of a mythical malware family.
Detected Hints/Tags/Attributes	162/3/17

Source URLs

	Redirection	Url
Details	Source	https://medium.com/csis-techblog/chapter-1-from-gozi-to-isfb-the-history-of-a-mythical-malware-family-82e592577fef

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	1		14.xxx
Details	Domain	1		12.xxx
Details	Domain	1		15.xxx
Details	Domain	1		16.xxx
Details	Domain	1		17.xxx
Details	Domain	1		v2.xx.xxx
Details	Domain	3		panel.zip
Details	Domain	1		wombo.art
Details	File	3		panel.zip
Details	File	4		123.txt
Details	sha256	1		ffcb650b28719d3bde1b032b14cfe7f5d7f2a73878d752737da0ba8a4f8bb70c
Details	sha256	1		7e0bf604d3ab673a519feb5d5375f0f88cf46e7cd1d3aa301b1b9fb722e9cef7
Details	sha256	1		b74327fb49965c60d3d066788c5e0ece297187944e4336d6fea79135455f62fb
Details	sha256	1		f815a76a46034e200a7be1ccc319174da6bebed8426df7adac6374b5abc94f47
Details	sha256	2		21a03d9c845e446cb96eba7c93aa6403b8a9aaa744801e77468bf73c0507d028
Details	sha256	1		1c2fd2e6d4f1e0e2ee23f4b9ae0ea061cc1f4b41a28ec184ce7e70d5be263e8f
Details	sha256	1		2502a3f8c9a6a8681f9222e93b14e077bf879e3009571c646ee94275bc994d01