gozi | 082c51164b2c20ff163f2640313c81cd64a26ff9790d3570e5cde857fa93272a | Triage

Sharing

General

Target

58169007c2e7a0d022bc383f9b9476fe.bin
Size

44KB
Sample

221121-tsdj7shb24
MD5

58169007c2e7a0d022bc383f9b9476fe
SHA1

5e994d1f26861a37c7b1e14338aca4117987f9ca
SHA256

082c51164b2c20ff163f2640313c81cd64a26ff9790d3570e5cde857fa93272a
SHA512

4d2eec771ad46ba524738cf4bdda3d551054a49fb790bd3eb0bf65ddace93311c34c765080a9fd8b01cc2d7b06dbf2cb302028f0647301f0dc82c8bea6c42570
SSDEEP

768:ogWi1fBVVWOftbGgrx/hRuTWrcuysItyaAybFREnV+evm1C9Mitbg:ogWi5BVVWsfV/hAq/ctyaAkFc+evm4VC

Score

10^/10

gozi 202206061 ldr4

Malware Config

Extracted

Family

gozi

Botnet

202206061

C2

https://gigimas.xyz

https://reaso.xyz

Attributes

host_keep_time
60
host_shift_time
60
idle_time
20
request_time
10

aes.plain

Targets

- Target
  
  58169007c2e7a0d022bc383f9b9476fe.bin
- Size
  
  44KB
- MD5
  
  58169007c2e7a0d022bc383f9b9476fe
- SHA1
  
  5e994d1f26861a37c7b1e14338aca4117987f9ca
- SHA256
  
  082c51164b2c20ff163f2640313c81cd64a26ff9790d3570e5cde857fa93272a
- SHA512
  
  4d2eec771ad46ba524738cf4bdda3d551054a49fb790bd3eb0bf65ddace93311c34c765080a9fd8b01cc2d7b06dbf2cb302028f0647301f0dc82c8bea6c42570
- SSDEEP
  
  768:ogWi1fBVVWOftbGgrx/hRuTWrcuysItyaAybFREnV+evm1C9Mitbg:ogWi5BVVWsfV/hAq/ctyaAkFc+evm4VC
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ldr4202206061gozi

behavioral1

behavioral2