Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    220923-jam1tadeb3

  • MD5

    cbd91a1aae7ac0a86b9a7074d0f69bcc

  • SHA1

    e0091ad6cebba035ebb62b648e4f88b6f7de449c

  • SHA256

    092fa6becc2f58ec2777d7d9fb059e89f09fce358eef9b5d5fcac9d0d34cbb4c

  • SHA512

    38f9f598e50a962d4c7d457698ab1b3cdf1a96843cdecdbd56ac74c629ad99b213686f618b8f012811a632c0a40f6660bd12b38134c5b7de5ddc27d64312635a

  • SSDEEP

    768:+lYhzJ2VQEFfLCUeQCuu6Mf39Y+RMRZOz4yM7gp/6lvVp:+lYhzJ2VQEFf/2VYuAZOzNM7uyH

Score
10/10
gozi_ifsb200000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

200000

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250240

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      cbd91a1aae7ac0a86b9a7074d0f69bcc

    • SHA1

      e0091ad6cebba035ebb62b648e4f88b6f7de449c

    • SHA256

      092fa6becc2f58ec2777d7d9fb059e89f09fce358eef9b5d5fcac9d0d34cbb4c

    • SHA512

      38f9f598e50a962d4c7d457698ab1b3cdf1a96843cdecdbd56ac74c629ad99b213686f618b8f012811a632c0a40f6660bd12b38134c5b7de5ddc27d64312635a

    • SSDEEP

      768:+lYhzJ2VQEFfLCUeQCuu6Mf39Y+RMRZOz4yM7gp/6lvVp:+lYhzJ2VQEFf/2VYuAZOzNM7uyH

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks