Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    221116-bj5m8ace7w

  • MD5

    e0d21d314c832d15bcae944e2c2b05cb

  • SHA1

    2e407b8933f7ca1b705ca99eda8dbb2168679aba

  • SHA256

    69937b53c7cbd3067deb7c3a5d83e3af920c216128a4864f0475d81fcffb6c1c

  • SHA512

    d8e8710d1122295ebb6e40adce08c89837a50f11ddf0da38c08361a541b19f802bf6cb2f3bab3612a4379ec8def14c2712126f710798f41d04239ef413a16441

  • SSDEEP

    768:JTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:JTmE+L5AkTixchBOKinCZ3eGGb7dTR9k

Score
10/10
gozi5isfb

Malware Config

Extracted

Family

gozi

Botnet

5

C2

lentaphoto.at

iujdhsndjfks.ru

gameindikdowd.ru

jhgfdlkjhaoiu.su
Attributes
  • base_path

    /uploaded/

  • build

    250246

  • exe_type

    loader

  • extension

    .pct

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      e0d21d314c832d15bcae944e2c2b05cb

    • SHA1

      2e407b8933f7ca1b705ca99eda8dbb2168679aba

    • SHA256

      69937b53c7cbd3067deb7c3a5d83e3af920c216128a4864f0475d81fcffb6c1c

    • SHA512

      d8e8710d1122295ebb6e40adce08c89837a50f11ddf0da38c08361a541b19f802bf6cb2f3bab3612a4379ec8def14c2712126f710798f41d04239ef413a16441

    • SSDEEP

      768:JTmE+L5AkTXKMaqD4leJiArJBFkK527nhoZ3eGiTb7gp6XFlkq9k:JTmE+L5AkTixchBOKinCZ3eGGb7dTR9k

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks