General

  • Target

    1276-155-0x0000000000850000-0x000000000085E000-memory.dmp

  • Size

    56KB

  • Sample

    230218-a3k79aac32

  • MD5

    a8614c2622d1964f12a0ed34a7aa356e

  • SHA1

    8624894e1b8a09e9e528f25c20233f5ef521660a

  • SHA256

    268e55e030dcad186aa1bf98a14ceb244435f99218d65e4a370733a1f2cbba5c

  • SHA512

    7cefee2911d7228f63b1c4101301aad66381d43e49a50867602606f9f469d3cbdf14de4135a25f7141c1faf3ca924f5cfc810f75952cbee47caf9dc1f3d50e9e

  • SSDEEP

    768:l7CXsO8yoR4jInhpp55dWSlkiidEfUPJqBQPt04:leXsOiR4jaDtmiuqURq

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

1001

C2

https://checklist.skype.com

http://176.10.125.84

http://91.242.219.235

http://79.132.130.73

http://176.10.119.209

http://194.76.225.88

http://79.132.134.158

Attributes
  • base_path

    /microsoft/

  • build

    250256

  • exe_type

    loader

  • extension

    .acx

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1276-155-0x0000000000850000-0x000000000085E000-memory.dmp

    Score
    3/10
