gozi | 5d1b0d8d1e5b730373c39479269a512f29cfc564d15dd7be5ed0005d0f51366f | Triage

Sharing

General

Target

1576-98-0x00000000001D0000-0x00000000001E3000-memory.dmp
Size

76KB
Sample

230529-wfqp4sdc91
MD5

5172443ffb1f8eea207595df2ec588c2
SHA1

07e2ea1d03492820d85109b7e7ba8c0059fc79df
SHA256

5d1b0d8d1e5b730373c39479269a512f29cfc564d15dd7be5ed0005d0f51366f
SHA512

a24a120871486cad3be4c04e9ccc2086647d59e9278f3b9d560c2d09879d655b46b9996492341f3141cf2b96bb3ac165932de5933284e9dc3a95badc54ed8fac
SSDEEP

768:UGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEBK:UyFML+2YIf5YdDn/qGU1jDipO

Score

10^/10

gozi 1000 ldr4

Malware Config

Extracted

Family

gozi

Botnet

1000

C2

https://sumarno.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  1576-98-0x00000000001D0000-0x00000000001E3000-memory.dmp
- Size
  
  76KB
- MD5
  
  5172443ffb1f8eea207595df2ec588c2
- SHA1
  
  07e2ea1d03492820d85109b7e7ba8c0059fc79df
- SHA256
  
  5d1b0d8d1e5b730373c39479269a512f29cfc564d15dd7be5ed0005d0f51366f
- SHA512
  
  a24a120871486cad3be4c04e9ccc2086647d59e9278f3b9d560c2d09879d655b46b9996492341f3141cf2b96bb3ac165932de5933284e9dc3a95badc54ed8fac
- SSDEEP
  
  768:UGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEBK:UyFML+2YIf5YdDn/qGU1jDipO
Score

3^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2