Overview

overview

10

Static

static

10

2244-2-0x0...ry.exe

windows7-x64

1

2244-2-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2244-2-0x0000000000400000-0x0000000000450000-memory.dmp

  • Size

    320KB

  • Sample

    231010-169ccsgh96

  • MD5

    d6419870d4b0943abb198b78242960ea

  • SHA1

    dbc0b462ce93db1a84d8e3af5f9e3d50564ab8ac

  • SHA256

    3b556b8e1ccbcf5b785189683c6cf63bfee3526b7c4ff5ce4a8aef592a16da40

  • SHA512

    4c92447df583a9d91c21ecd5cdb0d883dcf06182db3a77947c163516077fda9cae00a73ad747fd1f1667325ec81d379d48cb5b1a82433982c4089b02472257e8

  • SSDEEP

    6144:uu1R5RGJr5ffE31kwsQODpAkVyakH7yWMxNTf:3BwTf8lDsQsVyaO+5

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

netsecurez.com

whofoxy.com

mimemoa.com

ntcgo.com
Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      2244-2-0x0000000000400000-0x0000000000450000-memory.dmp

    • Size

      320KB

    • MD5

      d6419870d4b0943abb198b78242960ea

    • SHA1

      dbc0b462ce93db1a84d8e3af5f9e3d50564ab8ac

    • SHA256

      3b556b8e1ccbcf5b785189683c6cf63bfee3526b7c4ff5ce4a8aef592a16da40

    • SHA512

      4c92447df583a9d91c21ecd5cdb0d883dcf06182db3a77947c163516077fda9cae00a73ad747fd1f1667325ec81d379d48cb5b1a82433982c4089b02472257e8

    • SSDEEP

      6144:uu1R5RGJr5ffE31kwsQODpAkVyakH7yWMxNTf:3BwTf8lDsQsVyaO+5

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks