Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    221006-mgw4vahcgl

  • MD5

    2c08faf0583b48c179fd2a1a600892f5

  • SHA1

    a6e198282a28459a2a67baa37404f71d42a43dd9

  • SHA256

    a3e48fcff77ef8504648c565dae10038d5a19c2a58f4926fa637feb52eb9ad0c

  • SHA512

    019fb37f025147ee63345a653f8f57288364711b693269fcd086cc53b5eb2c566f296531c1178fef6907421fcfbf068861bfac1e9ea0e697a7da089df4b48520

  • SSDEEP

    768:wKTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9kd:wKTmE+L5AkTixchBOKinCZ3eGGb7dTRe

Score
10/10
gozi_ifsb200000

Malware Config

Extracted

Family

gozi_ifsb

Botnet

200000

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      2c08faf0583b48c179fd2a1a600892f5

    • SHA1

      a6e198282a28459a2a67baa37404f71d42a43dd9

    • SHA256

      a3e48fcff77ef8504648c565dae10038d5a19c2a58f4926fa637feb52eb9ad0c

    • SHA512

      019fb37f025147ee63345a653f8f57288364711b693269fcd086cc53b5eb2c566f296531c1178fef6907421fcfbf068861bfac1e9ea0e697a7da089df4b48520

    • SSDEEP

      768:wKTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9kd:wKTmE+L5AkTixchBOKinCZ3eGGb7dTRe

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks