Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    44KB

  • Sample

    231010-kvsmgaec96

  • MD5

    72ae8ea863e8b4786b520794f00bf083

  • SHA1

    edbc7be3475549ad482c0ce227e6af512872b6e9

  • SHA256

    4dd191ca0a4057956c09e115e686a75eba6088cc7625cb9beb82a243f5c852ad

  • SHA512

    afbffedbc38493c5fe2f713786af91ba7d12737c88b0453a24ba2df3761af454d0a7351ffeed3ebafe9ce80dbef206de5474b6a545a115f3914138a4db9d584e

  • SSDEEP

    768:/X/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTyUP:/vrx/qp8OmwxfhyVxQlBdvW4eLOL7eXa

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

193.203.162.14

Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      44KB

    • MD5

      72ae8ea863e8b4786b520794f00bf083

    • SHA1

      edbc7be3475549ad482c0ce227e6af512872b6e9

    • SHA256

      4dd191ca0a4057956c09e115e686a75eba6088cc7625cb9beb82a243f5c852ad

    • SHA512

      afbffedbc38493c5fe2f713786af91ba7d12737c88b0453a24ba2df3761af454d0a7351ffeed3ebafe9ce80dbef206de5474b6a545a115f3914138a4db9d584e

    • SSDEEP

      768:/X/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTyUP:/vrx/qp8OmwxfhyVxQlBdvW4eLOL7eXa

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks