Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    221013-h1exfsbagn

  • MD5

    605b71e6da7b5b65af32a333116030cc

  • SHA1

    9eb51e96356cae7fba3718dbff36b7995522a217

  • SHA256

    26bba2cbbd83323d1763975283c238a234c2b9450d03fb2c931b47df7571eac6

  • SHA512

    a2d6448d31a4847228650f9310c5f572be4672f269a5ca4d471afc6ea9d79c2032c0d4201ff2e425ec0be7ebea5cf9190046a2f5f394df9fb06fb57a102533d6

  • SSDEEP

    768:TTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:TTmE+L5AkTixchBOKinCZ3eGGb7dTR9k

Score
10/10
gozi_ifsb10103

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

45.8.158.104

188.127.224.114

weiqeqwns.com

wdeiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      605b71e6da7b5b65af32a333116030cc

    • SHA1

      9eb51e96356cae7fba3718dbff36b7995522a217

    • SHA256

      26bba2cbbd83323d1763975283c238a234c2b9450d03fb2c931b47df7571eac6

    • SHA512

      a2d6448d31a4847228650f9310c5f572be4672f269a5ca4d471afc6ea9d79c2032c0d4201ff2e425ec0be7ebea5cf9190046a2f5f394df9fb06fb57a102533d6

    • SSDEEP

      768:TTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:TTmE+L5AkTixchBOKinCZ3eGGb7dTR9k

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks