General

  • Target

    3182e0e2a49f2b8aa0aca0fda10db1e2457e81d055a30335cece726e81f5bb09

  • Size

    410KB

  • Sample

    221128-wkehmshh8x

  • MD5

    3b194b104e8a9bbe2a24ef2de65a354e

  • SHA1

    f4700c00fb928844b719e60bd1ad9708a013bf9d

  • SHA256

    3182e0e2a49f2b8aa0aca0fda10db1e2457e81d055a30335cece726e81f5bb09

  • SHA512

    3044217c8663d1b193188e3fa4e6222a4ae9f9c7b64a37a69d729d405e3715280eb8a31b036f6cca75afb6658cd3916dab5f435f241057c6fd9cbadac32b1e64

  • SSDEEP

    6144:lIYgyLGFAOZrVfwZDGkU9P47K9X9L+IpC0dgZ/865:iYbLYnV6dG+/cO/8

Malware Config

Extracted

Family

gozi

Botnet

1012

C2

lolila.net

vndjtu968488.ru

moriyurw368798.ru

Attributes
  • exe_type

    worker

rsa_pubkey.plain
serpent.plain

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.
