Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    43KB

  • Sample

    221123-lvwjsscd32

  • MD5

    067b4232f5e6a7e954094c76c521b05d

  • SHA1

    97ba6f1793b9da6906ce3179d633efd11d366fbf

  • SHA256

    ba8b9c888d1e6f4e6251217f72f6fe13b2e4a58918af0d120edb5508d90dbade

  • SHA512

    34560a7e18553c1b6cc5854e9413b92313c280919cbc2678bbf96f0b4fbce0e496c4347b8e91aa8c2755a51528e78e4c0e8fb14ee6cf2d5fea654e4998382aef

  • SSDEEP

    768:BO60dvSXUWzHY4kD/zaho82WVV3rh5Uznoo7e6GzheOB/G7gpdS4JowCyjQBOD:BOLgy4kD/2H2WjbhcTGNeOdG7uS45QBO

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

config.edge.skype.com

meganetwork.top

supernetwork.top

internetcoca.in

31.207.46.124

139.60.163.161

dendexmm.com
Attributes
  • base_path

    /jerry/

  • build

    250249

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      43KB

    • MD5

      067b4232f5e6a7e954094c76c521b05d

    • SHA1

      97ba6f1793b9da6906ce3179d633efd11d366fbf

    • SHA256

      ba8b9c888d1e6f4e6251217f72f6fe13b2e4a58918af0d120edb5508d90dbade

    • SHA512

      34560a7e18553c1b6cc5854e9413b92313c280919cbc2678bbf96f0b4fbce0e496c4347b8e91aa8c2755a51528e78e4c0e8fb14ee6cf2d5fea654e4998382aef

    • SSDEEP

      768:BO60dvSXUWzHY4kD/zaho82WVV3rh5Uznoo7e6GzheOB/G7gpdS4JowCyjQBOD:BOLgy4kD/2H2WjbhcTGNeOdG7uS45QBO

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks