Overview

overview

10

Static

static

ca69499777...87.exe

windows7-x64

10

ca69499777...87.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ca69499777245042056c133ddadd3ef23d3682384f8c48df217cc32a0d11d387

  • Size

    486KB

  • Sample

    221128-vzwj2acb85

  • MD5

    c94b2a7115c695ffd8f32e9c28c3db0a

  • SHA1

    4d12c408b648ec2844feca36e28da5d817644d5f

  • SHA256

    ca69499777245042056c133ddadd3ef23d3682384f8c48df217cc32a0d11d387

  • SHA512

    382883682781d88b51f3c30fd134289e45ce24ef388555960c59603eec7adb0d2a409031d3d40dcb2605fef52643cee119c7baf019e6faec435c56255c7dea01

  • SSDEEP

    12288:pwbnWHi1kfgjdlAVKP8P9j/Js89wefkmCU:gnggjUo0jRH9G

Score
10/10
gozi1013bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1013

C2

lolila.net

vndjtu968488.ru

moriyurw368798.ru
Attributes
  • exe_type

    worker

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      ca69499777245042056c133ddadd3ef23d3682384f8c48df217cc32a0d11d387

    • Size

      486KB

    • MD5

      c94b2a7115c695ffd8f32e9c28c3db0a

    • SHA1

      4d12c408b648ec2844feca36e28da5d817644d5f

    • SHA256

      ca69499777245042056c133ddadd3ef23d3682384f8c48df217cc32a0d11d387

    • SHA512

      382883682781d88b51f3c30fd134289e45ce24ef388555960c59603eec7adb0d2a409031d3d40dcb2605fef52643cee119c7baf019e6faec435c56255c7dea01

    • SSDEEP

      12288:pwbnWHi1kfgjdlAVKP8P9j/Js89wefkmCU:gnggjUo0jRH9G

    Score
    10/10
    gozi1013bankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks