gozi | 346ef441b53bb16c9ae68c8525fb6649bf24d3b699ad9161a29d319bb1b3809c | Triage

Sharing

General

Target

600764b14a6e39961594ed8e67c3eeb6.bin
Size

91KB
Sample

230606-bpjb6sca7v
MD5

a8ec932d1f2712b7a6787a3379a152f5
SHA1

6d60ffaf3f6d2760b5d1247e75fef01221545fe2
SHA256

346ef441b53bb16c9ae68c8525fb6649bf24d3b699ad9161a29d319bb1b3809c
SHA512

d8d1d865301dd3daceeb01fa9a3a838d0fddc8aaa41e2405f548512592f7e97751acbc4abd1676cbfd21d4945cebd9ca0ec59de3281c62ad8dcf4e77080f92ce
SSDEEP

1536:6WMGtyqO92ygqQ4HrvozOtcDASL5BX9Dj4fXgpPqhdzEm0q2Q+nQqJ5UEL:3pQ2yg/RStctL79kgpPoIS2tX/UEL

Score

10^/10

gozi 1000 banker ldr4 trojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1000

C2

https://vertalis.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  dbbd275a4b1da0b93a1ef2c5e7c75f5f020979dcc502fd1bc28b3b40cf1d255a.exe
- Size
  
  187KB
- MD5
  
  600764b14a6e39961594ed8e67c3eeb6
- SHA1
  
  5b5cc61391968958236d54eb0fe7229386b58c64
- SHA256
  
  dbbd275a4b1da0b93a1ef2c5e7c75f5f020979dcc502fd1bc28b3b40cf1d255a
- SHA512
  
  a7636a755d816f386ec650648f96ab4c55ddd05bd607ca59868e66af079e0e9b829947d407e17bd68c1208d6ae7f985f602388270289cab9ba26d253f2f38c18
- SSDEEP
  
  3072:Q4+YN4lPeFpVa5f8gy5q86UIQz+GypacRLu1O+TvTIGapG4S+1prXFnK:cCQ7y5qzzJpVRLu1fcjDV9K
Score

10^/10

gozi 1000 banker ldr4 trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi1000bankerldr4trojan

behavioral2

gozi1000bankerldr4trojan