Overview

overview

10

Static

static

9

26abb23658...b4.exe

windows7_x64

10

26abb23658...b4.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    26abb23658a1829ab32e9571659eb160043e35e0100124c5c612e8e31e81cfb4

  • Size

    909KB

  • Sample

    220520-hkxsbseef2

  • MD5

    b05e538afe8cb9d55f0e61720626310c

  • SHA1

    c3154048ac74ceac75fdc62820ef66f1bdb31334

  • SHA256

    26abb23658a1829ab32e9571659eb160043e35e0100124c5c612e8e31e81cfb4

  • SHA512

    c668ab5c2686c84c329948c2bf72b7e1c20ea81e3a3706367655cdbb8f67c3d724b82a29252e5fc9c498c664338d370366df95cc806e58fc7738320962ca166c

Score
10/10
gozi_rm3202004141bankercryptonepackertrojan

Malware Config

Extracted

Family

gozi_rm3

Attributes
  • build

    300854

Extracted

Family

gozi_rm3

Botnet

202004141

C2

https://devicelease.xyz

Attributes
  • build

    300854

  • dga_base_url

    constitution.org/usdeclar.txt

  • dga_crc

    0x4eb7d2ca

  • dga_season

    10

  • dga_tlds

    com

    ru

    org

  • exe_type

    loader

  • server_id

    12

  • url_path

    index.htm

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      26abb23658a1829ab32e9571659eb160043e35e0100124c5c612e8e31e81cfb4

    • Size

      909KB

    • MD5

      b05e538afe8cb9d55f0e61720626310c

    • SHA1

      c3154048ac74ceac75fdc62820ef66f1bdb31334

    • SHA256

      26abb23658a1829ab32e9571659eb160043e35e0100124c5c612e8e31e81cfb4

    • SHA512

      c668ab5c2686c84c329948c2bf72b7e1c20ea81e3a3706367655cdbb8f67c3d724b82a29252e5fc9c498c664338d370366df95cc806e58fc7738320962ca166c

    Score
    10/10
    gozi_rm3202004141bankertrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks