General

  • Target

    94efc360c4ab44da5d0c5699972cf51c90c3cf520b8fc25490e5efb0b7a104c2

  • Size

    72KB

  • Sample

    220201-lq2v1schf9

  • MD5

    f7545e642038c976a66b7e78f03d4e7d

  • SHA1

    1866c0a2b638dc106543b1bb0fe60bd99a650514

  • SHA256

    94efc360c4ab44da5d0c5699972cf51c90c3cf520b8fc25490e5efb0b7a104c2

  • SHA512

    800f3fb87903b9edfdca68cea49ec725d20530eccbdfb51f3bf7964008d5a6ed2b6a4891819cbf921cdbffa76552e11f7d44af4984d228c219ef33db898c1bd4

Score
10/10

Malware Config

Extracted

Family

gozi_rm3

Attributes
  • exe_type

    loader

Extracted

Family

gozi_rm3

Botnet

2020109324

C2

https://bonderlas.xyz

Attributes
  • build

    300932

  • exe_type

    loader

  • non_target_locale

    RU

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      94efc360c4ab44da5d0c5699972cf51c90c3cf520b8fc25490e5efb0b7a104c2

    • Size

      72KB

    • MD5

      f7545e642038c976a66b7e78f03d4e7d

    • SHA1

      1866c0a2b638dc106543b1bb0fe60bd99a650514

    • SHA256

      94efc360c4ab44da5d0c5699972cf51c90c3cf520b8fc25490e5efb0b7a104c2

    • SHA512

      800f3fb87903b9edfdca68cea49ec725d20530eccbdfb51f3bf7964008d5a6ed2b6a4891819cbf921cdbffa76552e11f7d44af4984d228c219ef33db898c1bd4

    Score
    1/10
