Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    221026-hb3bfsehgm

  • MD5

    2bff375e136582e27baf83074b8e2e33

  • SHA1

    0feb0aeed9b58da0767568424aa6659f520d73ef

  • SHA256

    ec57d48f9a8f736a40382e30903debbbe0e077fdc4796a5d15b751fb4afa4ca0

  • SHA512

    8ead29614f3123fe206a26b6191a59bd69b8392683f8d34355048123b70e7c12fef4fa1511f8fb333835df959484f9d4c782a7a2c78dd6acd04987b04f73f844

  • SSDEEP

    768:FTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k34d:FTmE+L5AkTixchBOKinCZ3eGGb7dTR9D

Score
10/10
gozi_ifsb10103

Malware Config

Extracted

Family

gozi_ifsb

Botnet

10103

C2

trackingg-protectioon.cdn1.mozilla.net

siwdmfkshsgw.com

188.127.224.114

weiqeqwns.com

weiqeqwens.com

weiqewqwns.com

iujdhsndjfks.com

ijduwhsbvk.com
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      2bff375e136582e27baf83074b8e2e33

    • SHA1

      0feb0aeed9b58da0767568424aa6659f520d73ef

    • SHA256

      ec57d48f9a8f736a40382e30903debbbe0e077fdc4796a5d15b751fb4afa4ca0

    • SHA512

      8ead29614f3123fe206a26b6191a59bd69b8392683f8d34355048123b70e7c12fef4fa1511f8fb333835df959484f9d4c782a7a2c78dd6acd04987b04f73f844

    • SSDEEP

      768:FTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k34d:FTmE+L5AkTixchBOKinCZ3eGGb7dTR9D

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks