General
-
Target
gozi.payload-disk
-
Size
44KB
-
Sample
230718-td4svacf9y
-
MD5
11c0de1cdcea1a09b2efc5dc09937d5a
-
SHA1
d0ee6ae27bb8bae0ce00d513e46b4397bd3794ef
-
SHA256
dd29faad8271ceff200418996a1300d5b6b4355d4fe4b0d482189f0d49d67f07
-
SHA512
c11b56e57605b29b60bb70a854bee0dc18ff922c6f520850bb7d501cfa74328bd5fa84f88e962275e9c09591d71a52940ce96629b7cc72cea364b2146128168c
-
SSDEEP
768:Se4VA4MDErUNxWZSTcOlPyG9UGQhVS5sBm8HeDqzL7gpbBPABRFy9oTyb:Se5BmKxWZSplPyG9UGgVS5AHeD2L78oO
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20230703-en
Malware Config
Extracted
gozi
20000
-
base_path
/zerotohero/
-
build
250260
-
exe_type
loader
-
extension
.asi
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
Score
1/10