General
-
Target
gozi.payload-disk
-
Size
43KB
-
Sample
220321-qgagmaced2
-
MD5
e7f49957d916e15bf8449f566e9eda8c
-
SHA1
391c87ab0dbcc802a8f8d727380caa4c8e9bc781
-
SHA256
cba3ec7d0bc169ca0ce4a53d8d2ee753354991867fc0264a93639300e4f6f333
-
SHA512
51980f17730a8e90ec06ae7e14beaa9fb2a5d71230239c869fc5bea13fbfd350e24ad39cf36ed5e783b31d75ca5f095f14f07eaa410e886ad3197022fbef4d75
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20220310-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-en-20220113
Malware Config
Extracted
gozi_ifsb
7622
botanlink.top
linkspremium.ru
premiumlists.ru
-
base_path
/drew/
-
build
250225
-
exe_type
loader
-
extension
.jlk
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Size
43KB
-
MD5
e7f49957d916e15bf8449f566e9eda8c
-
SHA1
391c87ab0dbcc802a8f8d727380caa4c8e9bc781
-
SHA256
cba3ec7d0bc169ca0ce4a53d8d2ee753354991867fc0264a93639300e4f6f333
-
SHA512
51980f17730a8e90ec06ae7e14beaa9fb2a5d71230239c869fc5bea13fbfd350e24ad39cf36ed5e783b31d75ca5f095f14f07eaa410e886ad3197022fbef4d75
Score1/10 -