General
-
Target
gozi.payload-disk
-
Size
44KB
-
Sample
231009-pyc4eafa33
-
MD5
76f70e707144bb109d3e3e802cfaddb3
-
SHA1
11223b8b61aed91d976242abe2d85103db8af2c1
-
SHA256
07842c72a0b850aa90614e3f187037fc664b237cc70db0c59add6cd1f4c465de
-
SHA512
7c224aab3c9f4b6e92fccdd2dc10cadbd69949e26b732141785ea48e1dedb914f30a73d31edec25456f85cc181b2b8aca06d6c44845ba1141548f8d4c7de5054
-
SSDEEP
768:zX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:zvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7
Behavioral task
behavioral1
Sample
gozi.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
gozi.dll
Resource
win10v2004-20230915-en
Malware Config
Extracted
gozi
5050
http://iextrawebty.com
-
base_path
/jerry/
-
build
250260
-
exe_type
loader
-
extension
.bob
-
server_id
50
Targets
-
-
Target
gozi.payload-disk
-
Size
44KB
-
Score
1/10