gozi | 12d88935437064d8478bc4adec0c0042fb73da774905004c7de55e559729e15c | Triage

Sharing

General

Target

eee617806c18710e8635615de6297834.bin
Size

170KB
Sample

221121-xxhw9sdd89
MD5

eee617806c18710e8635615de6297834
SHA1

a629961de369fac6e25b2846bc06df4997a47669
SHA256

12d88935437064d8478bc4adec0c0042fb73da774905004c7de55e559729e15c
SHA512

93c9faa68616b9fa6141997f93f93279dbd62cf4e0518c37b0692352661c982a7bc5b698bed732ae35e29c56e5edd6c18a5dc48791d8103efae3d849d1db41bf
SSDEEP

3072:Efo9DTdl4eZKj0zdq0cAE0I4Cg/RWxZ0PD1C5G6z7bP1V621u4W:pZBlVZgodTcLt4Cg/Rr1alz7bPv62wx

Score

10^/10

gozi 202206061 banker ldr4 trojan

Malware Config

Extracted

Family

gozi

Botnet

202206061

C2

https://gigimas.xyz

https://reaso.xyz

Attributes

host_keep_time
60
host_shift_time
60
idle_time
20
request_time
10

aes.plain

Targets

- Target
  
  eee617806c18710e8635615de6297834.bin
- Size
  
  170KB
- MD5
  
  eee617806c18710e8635615de6297834
- SHA1
  
  a629961de369fac6e25b2846bc06df4997a47669
- SHA256
  
  12d88935437064d8478bc4adec0c0042fb73da774905004c7de55e559729e15c
- SHA512
  
  93c9faa68616b9fa6141997f93f93279dbd62cf4e0518c37b0692352661c982a7bc5b698bed732ae35e29c56e5edd6c18a5dc48791d8103efae3d849d1db41bf
- SSDEEP
  
  3072:Efo9DTdl4eZKj0zdq0cAE0I4Cg/RWxZ0PD1C5G6z7bP1V621u4W:pZBlVZgodTcLt4Cg/Rr1alz7bPv62wx
Score

10^/10

gozi 202206061 banker ldr4 trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi202206061bankerldr4trojan

behavioral2

gozi202206061bankerldr4trojan