General

  • Target: gozi.payload-disk
  • Size: 43KB
  • Sample: 221020-plnpdadeh4
  • MD5: a0f63bbf3b8e03bfc7c4941c0bb31075
  • SHA1: caeb32eb9399e89f166c7e07986c6beb99f3c240
  • SHA256: 15f60ddcb36aa4c5d55050587109f3f252e1b61c92744718cd1562181bef97bf
  • SHA512: 6982f0fd8035b53ef71df1efefee2514239447a6236da6abac842bd2a790a20512cbef5e8e072041d2115ce0e23f767545aee0c2b34b2168f5395cdb252650ab
  • SSDEEP: 768:LTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9kN:LTmE+L5AkTixchBOKinCZ3eGGb7dTR98

Score: 10/10

Malware Config

Extracted

Family: gozi_ifsb
Botnet: 5000
C2:
  • config.edge.skype.com
  • onlinetwork.top
  • linetwork.top

Attributes
  • base_path: /drew/
  • build: 250246
  • exe_type: loader
  • extension: .jlk
  • server_id: 50

rsa_pubkey.plain
aes.plain

Targets

    • Target: gozi.payload-disk

    Score: 1/10

MITRE ATT&CK Matrix

Tasks