gozi | b5c6d3152001b88e9957695b55b9d9feb4f191429c72a33cab17d9737361bc4a | Triage

Sharing

General

Target

1256-59-0x00000000001E0000-0x00000000001F3000-memory.dmp
Size

76KB
Sample

221208-gc5yashb43
MD5

7bc167b3b9fe72ab55c86cad5bf106c6
SHA1

aaba835d89846de5caa287b13346c456031966fe
SHA256

b5c6d3152001b88e9957695b55b9d9feb4f191429c72a33cab17d9737361bc4a
SHA512

5daf6b0dcd66c9bfb85b93ae9cd31f2cbd33abe48fa66a011ef4ae318e0d5e9e8e225fd6664d756da6dea8a9158b639ad10a910bb3c45d22ed63e25a4afb5bab
SSDEEP

768:cmGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEM:byFML+2YIf5YdDn/qGU1jDiJF

Score

10^/10

gozi 202211172 ldr4

Malware Config

Extracted

Family

gozi

Botnet

202211172

C2

https://strengit.xyz

https://horonget.xyz

Attributes

host_keep_time
2
host_shift_time
5
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  1256-59-0x00000000001E0000-0x00000000001F3000-memory.dmp
- Size
  
  76KB
- MD5
  
  7bc167b3b9fe72ab55c86cad5bf106c6
- SHA1
  
  aaba835d89846de5caa287b13346c456031966fe
- SHA256
  
  b5c6d3152001b88e9957695b55b9d9feb4f191429c72a33cab17d9737361bc4a
- SHA512
  
  5daf6b0dcd66c9bfb85b93ae9cd31f2cbd33abe48fa66a011ef4ae318e0d5e9e8e225fd6664d756da6dea8a9158b639ad10a910bb3c45d22ed63e25a4afb5bab
- SSDEEP
  
  768:cmGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEM:byFML+2YIf5YdDn/qGU1jDiJF
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

ldr4202211172gozi

behavioral1

behavioral2