General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
220209-t8r3jabbdn
-
MD5
9a30b3d9a6136e6e62b6850ef0c2883f
-
SHA1
dd66e78b91ef31f896f34405b02c8aca8b00706b
-
SHA256
25099437b18ea0bf75fb90dbb88a5f855a82b575b9145b5acf4403c759725a1f
-
SHA512
e7b9018a90b9f96bd68be528d48c006ba1e4be17117168bdcc77ee16d18073be5621cebbc197e3b5c4407e26ff57e9606a282940dacfd3c5761d85bba04cc011
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-en-20220112
Malware Config
Extracted
gozi_ifsb
7612
securezzalink.top
securezzalink.space
linkspremium.ru
premiumlists.ru
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Size
43KB
-
MD5
9a30b3d9a6136e6e62b6850ef0c2883f
-
SHA1
dd66e78b91ef31f896f34405b02c8aca8b00706b
-
SHA256
25099437b18ea0bf75fb90dbb88a5f855a82b575b9145b5acf4403c759725a1f
-
SHA512
e7b9018a90b9f96bd68be528d48c006ba1e4be17117168bdcc77ee16d18073be5621cebbc197e3b5c4407e26ff57e9606a282940dacfd3c5761d85bba04cc011
Score4/10 -