Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    220928-pmp9lafha2

  • MD5

    2a29f12a43156619c6a97cb54844b053

  • SHA1

    d7deab6e3c5e158b73c9ffb1455cb57f04423786

  • SHA256

    5ea2b9d4c4b4f5f102d63de28ad8ce4016a01469cd2c2ab92be57e5af6839f87

  • SHA512

    6face3d956fc26757a215d3b88c3acbd6bd9f2bf3899073bd86c0fb1c9aeb564e75f41503527afdccf7f2fff53247383a79730aca3e7388923ecf6c04660ebb3

  • SSDEEP

    768:9TmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:9TmE+L5AkTixchBOKinCZ3eGGb7dTR9k

Score
10/10
gozi_ifsb40000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

40000

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      2a29f12a43156619c6a97cb54844b053

    • SHA1

      d7deab6e3c5e158b73c9ffb1455cb57f04423786

    • SHA256

      5ea2b9d4c4b4f5f102d63de28ad8ce4016a01469cd2c2ab92be57e5af6839f87

    • SHA512

      6face3d956fc26757a215d3b88c3acbd6bd9f2bf3899073bd86c0fb1c9aeb564e75f41503527afdccf7f2fff53247383a79730aca3e7388923ecf6c04660ebb3

    • SSDEEP

      768:9TmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:9TmE+L5AkTixchBOKinCZ3eGGb7dTR9k

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks