General

  • Target

    2716-234-0x0000000001130000-0x000000000113E000-memory.dmp

  • Size

    56KB

  • Sample

    230216-ll3azsgh78

  • MD5

    e3190c8781621a97fcab1d95bd970518

  • SHA1

    062715bdcce83d2aa5eef1dcdac5ab92c16651a8

  • SHA256

    7084f33035eba00cba4ac5dcb7a2865cb4d1ec030d227a775fadb9bd27797c4e

  • SHA512

    0aad3d7079f3ccd97687de41af72bcc14cb72ed3f0e82a1b153c82218201310f960c085a32f5c3ccd06712f8cfeb9109665f22bbe265b88ce6e5dfb13e012fd7

  • SSDEEP

    768:1ufLCqkEg+oR4jInhpp55dWSlkiidEfUPJqBQPt04:1mCqklR4jaDtmiuqURq

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

1001

C2


Attributes
  • base_path

    /microsoft/

  • build

    250256

  • exe_type

    loader

  • extension

    .acx

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      2716-234-0x0000000001130000-0x000000000113E000-memory.dmp

    • Size

      56KB

    Score
    3/10
