gozi | 6d2092ee3351eab23a925073e821d6cc3e78d903415d26d6998d0aa22669ed4b | Triage

Sharing

General

Target

900000dll_JC.exe
Size

244KB
Sample

231005-v6bs7sdc3t
MD5

8086be77a9f38efa3a06e7ba743972d5
SHA1

6ad2b8ff69a9e914828766b49a4156e58400f722
SHA256

6d2092ee3351eab23a925073e821d6cc3e78d903415d26d6998d0aa22669ed4b
SHA512

dc7b39271a455d260a839112ea28e186b5b1e50cdb9a368e8a03c53eaefa313621d8d683e0cdfc9beafad5c70d0cd93fcbe787510b145b6ed01ee3643d854eae
SSDEEP

3072:rXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsFXSTFCr56cjfyfr5Wt:rX72v82Wldh1KeRFSbaWrxlsFr5Kz5G

Score

10^/10

gozi 5050 isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

mifrutty.com

systemcheck.top

Attributes

base_path
/pictures/
exe_type
worker
extension
.bob
server_id
50

rsa_pubkey.plain

aes.plain

Targets

- Target
  
  900000dll_JC.exe
- Size
  
  244KB
- MD5
  
  8086be77a9f38efa3a06e7ba743972d5
- SHA1
  
  6ad2b8ff69a9e914828766b49a4156e58400f722
- SHA256
  
  6d2092ee3351eab23a925073e821d6cc3e78d903415d26d6998d0aa22669ed4b
- SHA512
  
  dc7b39271a455d260a839112ea28e186b5b1e50cdb9a368e8a03c53eaefa313621d8d683e0cdfc9beafad5c70d0cd93fcbe787510b145b6ed01ee3643d854eae
- SSDEEP
  
  3072:rXmwJT25VVeVqX++WldhnUaA4KT6ntfZFSumtYpFQrxlsFXSTFCr56cjfyfr5Wt:rX72v82Wldh1KeRFSbaWrxlsFr5Kz5G
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2