gozi | ac6a11ecf700dafee430abe06d62b96a2180f08b1b83b7128e2b9bcab1d67959 | Triage

Sharing

General

Target

ac6a11ecf700dafee430abe06d62b96a2180f08b1b83b7128e2b9bcab1d67959.exe
Size

706KB
Sample

230329-3bd9vaac47
MD5

3b69cd2054a8234939a684ed60b7d671
SHA1

1e07e548668918d5db3c7b907ad765f2996ff5c5
SHA256

ac6a11ecf700dafee430abe06d62b96a2180f08b1b83b7128e2b9bcab1d67959
SHA512

717b6fa6fe5040474df92377f60918a8c029690cf62fcf6bbbce07e0eabbdfb649720e6a85973d64d1109747de3c2b4cd0f59885ade6e8068e3d6e2a56339b8e
SSDEEP

3072:XGMvz842hp4xCCIaBCpGkWSkx0cf5P0UGwS+9BNmA6a:Xtx2yBCiSkxPNT7Ya

Score

10^/10

gozi 1000 banker ldr4 trojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1000

C2

https://ceredovza.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  ac6a11ecf700dafee430abe06d62b96a2180f08b1b83b7128e2b9bcab1d67959.exe
- Size
  
  706KB
- MD5
  
  3b69cd2054a8234939a684ed60b7d671
- SHA1
  
  1e07e548668918d5db3c7b907ad765f2996ff5c5
- SHA256
  
  ac6a11ecf700dafee430abe06d62b96a2180f08b1b83b7128e2b9bcab1d67959
- SHA512
  
  717b6fa6fe5040474df92377f60918a8c029690cf62fcf6bbbce07e0eabbdfb649720e6a85973d64d1109747de3c2b4cd0f59885ade6e8068e3d6e2a56339b8e
- SSDEEP
  
  3072:XGMvz842hp4xCCIaBCpGkWSkx0cf5P0UGwS+9BNmA6a:Xtx2yBCiSkxPNT7Ya
Score

10^/10

gozi 1000 banker ldr4 trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi1000bankerldr4trojan

behavioral2

gozi1000bankerldr4trojan