Overview

overview

10

Static

static

loader-1.dll

windows7-x64

10

loader-1.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    loader-1.dll

  • Size

    58KB

  • Sample

    230106-yc3xdafa3v

  • MD5

    8d2860deeca2667cd9d9a490b0fb9312

  • SHA1

    d4ed405e29a8c554903cd2313356755899761ec0

  • SHA256

    0ca229d6985267551278509807381230b3351e8c1259d46f87bb3d4cac76176b

  • SHA512

    0e34109e52b5405ca79fb84c0a271c9b19566c234e26d40f98aacd513c0ffbeac29cf44f9a138e71ff904fcd9d1d306ff4fc9106433f72b18911fb21d2f7428e

  • SSDEEP

    1536:lKMj6u5qwXbuHq4DalAccmRCoU0rhZKLuT:nj9KRaR7jT

Score
10/10
gozi202208151bankerldr4trojan

Malware Config

Extracted

Family

gozi

Botnet

202208151

C2

https://fingerpin.cyou

https://dodstep.cyou
Attributes
  • host_keep_time

    2

  • host_shift_time

    1

  • idle_time

    1

  • request_time

    10

aes.plain

Targets

    • Target

      loader-1.dll

    • Size

      58KB

    • MD5

      8d2860deeca2667cd9d9a490b0fb9312

    • SHA1

      d4ed405e29a8c554903cd2313356755899761ec0

    • SHA256

      0ca229d6985267551278509807381230b3351e8c1259d46f87bb3d4cac76176b

    • SHA512

      0e34109e52b5405ca79fb84c0a271c9b19566c234e26d40f98aacd513c0ffbeac29cf44f9a138e71ff904fcd9d1d306ff4fc9106433f72b18911fb21d2f7428e

    • SSDEEP

      1536:lKMj6u5qwXbuHq4DalAccmRCoU0rhZKLuT:nj9KRaR7jT

    Score
    10/10
    gozi202208151bankerldr4trojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks