gozi | f7c5b8ea8de9aad8ea2661e79636a87a4a5949217cfbe5e97fcef4fb881701af | Triage

Sharing

General

Target

f7c5b8ea8de9aad8ea2661e79636a87a4a5949217cfbe5e97fcef4fb881701af
Size

44KB
Sample

221124-evnevsbg6t
MD5

a3539bc682f39406c050e5233058c930
SHA1

084f7c19e40b13e1a46a69dc9d6feee9566b8ca5
SHA256

f7c5b8ea8de9aad8ea2661e79636a87a4a5949217cfbe5e97fcef4fb881701af
SHA512

6558d1c42a64a5ef790411e79cec345ed9045f9b4bc881cf363e6fe73a3cff98eb4e3498d38bd886f6f4258725df8077ef52528c393c587442e50bdc833ab8c6
SSDEEP

768:ZDQtVuoBVldbRUZ0wyztx/yJNCOWw6kFdn5rxGHNa8XCJcZwevy9M0tbo:ZDsVPBVld7XH/yX2eDn5rwXXzZwevyrq

Score

10^/10

gozi 202206061 ldr4

Malware Config

Extracted

Family

gozi

Botnet

202206061

C2

https://gigimas.xyz

https://reaso.xyz

Attributes

host_keep_time
60
host_shift_time
60
idle_time
20
request_time
10

aes.plain

Targets

- Target
  
  f7c5b8ea8de9aad8ea2661e79636a87a4a5949217cfbe5e97fcef4fb881701af
- Size
  
  44KB
- MD5
  
  a3539bc682f39406c050e5233058c930
- SHA1
  
  084f7c19e40b13e1a46a69dc9d6feee9566b8ca5
- SHA256
  
  f7c5b8ea8de9aad8ea2661e79636a87a4a5949217cfbe5e97fcef4fb881701af
- SHA512
  
  6558d1c42a64a5ef790411e79cec345ed9045f9b4bc881cf363e6fe73a3cff98eb4e3498d38bd886f6f4258725df8077ef52528c393c587442e50bdc833ab8c6
- SSDEEP
  
  768:ZDQtVuoBVldbRUZ0wyztx/yJNCOWw6kFdn5rxGHNa8XCJcZwevy9M0tbo:ZDsVPBVld7XH/yX2eDn5rwXXzZwevyrq
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ldr4202206061gozi

behavioral1

behavioral2