Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    220926-qy8qraahg2

  • MD5

    ef7a0cc9b9283cbf25044a01330162e9

  • SHA1

    26106afb015720fa553217e042e23207f386c933

  • SHA256

    4e0019b05bb4997a904465ea7e25b5b58c1d1eb3eca756b37db118c5ac3bb564

  • SHA512

    b9c91f2ce495f9534fc0db5e07940461a39e56a19131a0a38bc51f773afccbb54b92b50bdfa4e85d5a312f3660294cf6c4de00dd53c6c7aa6198e1f626433b59

  • SSDEEP

    768:qTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:qTmE+L5AkTixchBOKinCZ3eGGb7dTR9k

Score
10/10
gozi_ifsb10103

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      ef7a0cc9b9283cbf25044a01330162e9

    • SHA1

      26106afb015720fa553217e042e23207f386c933

    • SHA256

      4e0019b05bb4997a904465ea7e25b5b58c1d1eb3eca756b37db118c5ac3bb564

    • SHA512

      b9c91f2ce495f9534fc0db5e07940461a39e56a19131a0a38bc51f773afccbb54b92b50bdfa4e85d5a312f3660294cf6c4de00dd53c6c7aa6198e1f626433b59

    • SSDEEP

      768:qTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:qTmE+L5AkTixchBOKinCZ3eGGb7dTR9k

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks