General

  • Target: 9af5351d4a0384db5af18c90007cc7aacd856b701c6a8d8da49bdaa4e9c2a3a7
  • Size: 43KB
  • MD5: 67f12b772561c13041ada1de17bff6c1
  • SHA1: 39a3c933a2fe4e0d373da3bbf556c4a58d051732
  • SHA256: 9af5351d4a0384db5af18c90007cc7aacd856b701c6a8d8da49bdaa4e9c2a3a7
  • SHA512: 75dd963ff30de23e581a2eb6fecf90d69111d613960e48c9508c756dfca2374280145cbb6f9f1ea840e433b39ecd5bd538dcf3e36489037ec59a349841b037a8
  • SSDEEP: 768:65pad4LOyeTJRRtpg6DBpLuS7rmWucAh1gRhOEOQJMkhe0gspoEs/P:Mpapy6JRRY6D3LPrM0RhOEJJMk1VjaP

Score
10/10

Malware Config

Extracted

  • Family: gozi
  • Botnet: 7631
  • C2:
      agenziaent.top
      agenziaentr.top
      statusline.ru
      statuslines.ru

Attributes
  • base_path: /drew/
  • build: 250226
  • exe_type: loader
  • extension: .jlk
  • server_id: 50

rsa_pubkey.plain
aes.plain

Signatures

  • Gozi family
  • Unsigned PE (1 IoC): checks for a missing Authenticode signature.

Files

  • 9af5351d4a0384db5af18c90007cc7aacd856b701c6a8d8da49bdaa4e9c2a3a7 (.dll, windows x86)
    81fb59eb9e86609b0780b349ef3d81a8