gozi | 55690a89567721f1dbc7170a9c3e4391960af15b78cd7e67d955edb6e3237484 | Triage

Sharing

General

Target

1376-58-0x00000000001D0000-0x00000000001E3000-memory.dmp
Size

76KB
Sample

230605-pks8gage79
MD5

bad14cdf54f7292775dee44b0e8219e1
SHA1

2407bb3a65aa8c26d7d898fe902778478a0d15ff
SHA256

55690a89567721f1dbc7170a9c3e4391960af15b78cd7e67d955edb6e3237484
SHA512

5ad22d6cf9411f22db5dff6f19869934d04ab31a4277b2c2cafb073d022aec1b8370b6f2120a8cf0429cfb033b2b6e2f215020675cea4dae2e3b56f0300a4319
SSDEEP

1536:ByFML+2YIf5YdDn/qGU1jDiqD//////////////////////////////////////S:BYM5n5eqGU13z

Score

10^/10

gozi 1000 ldr4

Malware Config

Extracted

Family

gozi

Botnet

1000

C2

https://vertalis.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  1376-58-0x00000000001D0000-0x00000000001E3000-memory.dmp
- Size
  
  76KB
- MD5
  
  bad14cdf54f7292775dee44b0e8219e1
- SHA1
  
  2407bb3a65aa8c26d7d898fe902778478a0d15ff
- SHA256
  
  55690a89567721f1dbc7170a9c3e4391960af15b78cd7e67d955edb6e3237484
- SHA512
  
  5ad22d6cf9411f22db5dff6f19869934d04ab31a4277b2c2cafb073d022aec1b8370b6f2120a8cf0429cfb033b2b6e2f215020675cea4dae2e3b56f0300a4319
- SSDEEP
  
  1536:ByFML+2YIf5YdDn/qGU1jDiqD//////////////////////////////////////S:BYM5n5eqGU13z
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2