Overview

overview

10

Static

static

10

2000-58-0x...ry.dll

windows7-x64

3

2000-58-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2000-58-0x0000000000210000-0x000000000028F000-memory.dmp

  • Size

    508KB

  • Sample

    221123-lsv59acb93

  • MD5

    2a5bd7b2ad26272a636e387cdfe57a11

  • SHA1

    e8687d7783ad3900d80618a4b229f62e14ddcb6c

  • SHA256

    e824bb212b6dd4c8b9a7e7454ef8dd6148d23af26e1fa81a7c0db6c4c3d13fcf

  • SHA512

    812c1cf31e7de5ba3b50b72750d7db1ee962af69c4fd3054ef647dfff0cb62dd68fab05800ceb052392cc0d03dc695a53cf79e59cfb8e9ff22a345ca25a099e5

  • SSDEEP

    768:D2Z7fteeACqv3yOPstw7V/O3K3SMgq+c/:SrtejD8kVW2RE4

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

config.edge.skype.com

meganetwork.top

supernetwork.top

internetcoca.in

31.207.46.124

139.60.163.161

dendexmm.com
Attributes
  • base_path

    /jerry/

  • build

    250249

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      2000-58-0x0000000000210000-0x000000000028F000-memory.dmp

    • Size

      508KB

    • MD5

      2a5bd7b2ad26272a636e387cdfe57a11

    • SHA1

      e8687d7783ad3900d80618a4b229f62e14ddcb6c

    • SHA256

      e824bb212b6dd4c8b9a7e7454ef8dd6148d23af26e1fa81a7c0db6c4c3d13fcf

    • SHA512

      812c1cf31e7de5ba3b50b72750d7db1ee962af69c4fd3054ef647dfff0cb62dd68fab05800ceb052392cc0d03dc695a53cf79e59cfb8e9ff22a345ca25a099e5

    • SSDEEP

      768:D2Z7fteeACqv3yOPstw7V/O3K3SMgq+c/:SrtejD8kVW2RE4

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks