Overview

overview

10

Static

static

utdh1.dll

windows7-x64

10

utdh1.dll

windows10-2004-x64

10

Resubmissions

27-10-2022 16:06

221027-tj9w2scfg8 10

25-08-2022 03:54

220825-egalvagbb9 1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    utdh1.dll

  • Size

    760KB

  • Sample

    221027-tj9w2scfg8

  • MD5

    d94657449f8d8c165ef88fd93e463134

  • SHA1

    eb5cddacd6764098a20ce18a5e1e52f5e603e4ff

  • SHA256

    2502a3f8c9a6a8681f9222e93b14e077bf879e3009571c646ee94275bc994d01

  • SHA512

    659bc86dbd47d9f99c123db7c78d1bac68e4d592eed8f6d2d9ce5289cbf09bf893f0136a67e41e6dc59e1c826f19d34f8ffbaa5089c28592528ead595cca3ddb

  • SSDEEP

    12288:zCZAm0a9L7/7n/zUo2ThEQNvJZAHx137OyyyQTYzzCuatGfWE24rn2k2H824rn2y:wX9v/7/zYdNvnAR13pyyPa+n2F

Score
10/10
gozi202206061bankerldr4trojan

Malware Config

Extracted

Family

gozi

Botnet

202206061

C2

https://daydayvin.xyz

https://gigiman.xyz
Attributes
  • host_keep_time

    2

  • host_shift_time

    1

  • idle_time

    1

  • request_time

    10

aes.plain

Targets

    • Target

      utdh1.dll

    • Size

      760KB

    • MD5

      d94657449f8d8c165ef88fd93e463134

    • SHA1

      eb5cddacd6764098a20ce18a5e1e52f5e603e4ff

    • SHA256

      2502a3f8c9a6a8681f9222e93b14e077bf879e3009571c646ee94275bc994d01

    • SHA512

      659bc86dbd47d9f99c123db7c78d1bac68e4d592eed8f6d2d9ce5289cbf09bf893f0136a67e41e6dc59e1c826f19d34f8ffbaa5089c28592528ead595cca3ddb

    • SSDEEP

      12288:zCZAm0a9L7/7n/zUo2ThEQNvJZAHx137OyyyQTYzzCuatGfWE24rn2k2H824rn2y:wX9v/7/zYdNvnAR13pyyPa+n2F

    Score
    10/10
    gozi202206061bankerldr4trojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks