General

  • Target

    54de1f2c26a63a8f6b7f8d5de99f8ebd4093959ab07f027db1985d0652258736.exe

  • Size

    283KB

  • Sample

    221124-ewyl8abh5v

  • MD5

    d6ef4778f7dc9c31a0a2a989ef42d2fd

  • SHA1

    5dad8394ef37d5a006674589754f7a3187d303b1

  • SHA256

    54de1f2c26a63a8f6b7f8d5de99f8ebd4093959ab07f027db1985d0652258736

  • SHA512

    997b57424364ff661d80ca6efc5b7e91f2204d1ed7c4d784ee7d6134bc06952c993de038d6a25c71a7949b08ddd8cc5d167f8c753379f69ee1b6b49342fafa63

  • SSDEEP

    6144:wHyvumb1p7CC8VoxOJbceNOHI2Tse2RTggR/Znv+yit:Smbrgu2so2TVwcK/ZnG/t

Malware Config

Extracted

Family

gozi

Botnet

202206061

C2

https://gigimas.xyz

https://reaso.xyz

Attributes
  • host_keep_time

    120

  • host_shift_time

    120

  • idle_time

    20

  • request_time

    30

aes.plain

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.
