gozi_rm3 | 604c2ab0a2b912406141d5fdf587ebe1b88347a32523a82c6fbcaf922ae4ed80 | Triage

Sharing

General

Target

604c2ab0a2b912406141d5fdf587ebe1b88347a32523a82c6fbcaf922ae4ed80
Size

67KB
Sample

220724-vb5sssbefp
MD5

3204a2da3b1729994bdb30ee2ac1c590
SHA1

4b787542f8749d3d3765e1ae34239d5b0f484641
SHA256

604c2ab0a2b912406141d5fdf587ebe1b88347a32523a82c6fbcaf922ae4ed80
SHA512

c81ff393929b522f1bf8fe1a47c554cf3a92cdfe9e54f2a3aeee159e7c8c07453533c67c462fdd0455f13204cbdae306d82b7cd00cbce52090033d36e79bcdd9

Score

10^/10

gozi_rm3 201911263

Malware Config

Extracted

Family

gozi_rm3

Attributes

exe_type
loader

Extracted

Family

gozi_rm3

Botnet

201911263

C2

https://olasharm.xyz

Attributes

build
300826
dga_season
10
exe_type
loader
server_id
12
url_path
index.html

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  604c2ab0a2b912406141d5fdf587ebe1b88347a32523a82c6fbcaf922ae4ed80
- Size
  
  67KB
- MD5
  
  3204a2da3b1729994bdb30ee2ac1c590
- SHA1
  
  4b787542f8749d3d3765e1ae34239d5b0f484641
- SHA256
  
  604c2ab0a2b912406141d5fdf587ebe1b88347a32523a82c6fbcaf922ae4ed80
- SHA512
  
  c81ff393929b522f1bf8fe1a47c554cf3a92cdfe9e54f2a3aeee159e7c8c07453533c67c462fdd0455f13204cbdae306d82b7cd00cbce52090033d36e79bcdd9
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

201911263gozi_rm3

behavioral1

behavioral2