Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    44KB

  • Sample

    231009-pyc4eafa33

  • MD5

    76f70e707144bb109d3e3e802cfaddb3

  • SHA1

    11223b8b61aed91d976242abe2d85103db8af2c1

  • SHA256

    07842c72a0b850aa90614e3f187037fc664b237cc70db0c59add6cd1f4c465de

  • SHA512

    7c224aab3c9f4b6e92fccdd2dc10cadbd69949e26b732141785ea48e1dedb914f30a73d31edec25456f85cc181b2b8aca06d6c44845ba1141548f8d4c7de5054

  • SSDEEP

    768:zX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:zvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

http://iextrawebty.com

Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      44KB

    • MD5

      76f70e707144bb109d3e3e802cfaddb3

    • SHA1

      11223b8b61aed91d976242abe2d85103db8af2c1

    • SHA256

      07842c72a0b850aa90614e3f187037fc664b237cc70db0c59add6cd1f4c465de

    • SHA512

      7c224aab3c9f4b6e92fccdd2dc10cadbd69949e26b732141785ea48e1dedb914f30a73d31edec25456f85cc181b2b8aca06d6c44845ba1141548f8d4c7de5054

    • SSDEEP

      768:zX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:zvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks