Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    44KB

  • Sample

    231010-ng8y3sfa64

  • MD5

    8b61f8e62b18781430b85d62c4d705b7

  • SHA1

    1f5a45bf2905ee0d10607a6cf59a98168a995a2a

  • SHA256

    580a6bccc51030cef877b8ac00ef6f9be7369a01bca7698c29c5cd1abe3f1990

  • SHA512

    650f13ae83009b586f66d1009784006260368dde1ca50377aa7175d1162b45dc18fb66cbabf7848c735029b27a71e70aebc37f7c551ddd58540d1a34f41501b6

  • SSDEEP

    768:TX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Tvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

45.93.139.24

Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      44KB

    • MD5

      8b61f8e62b18781430b85d62c4d705b7

    • SHA1

      1f5a45bf2905ee0d10607a6cf59a98168a995a2a

    • SHA256

      580a6bccc51030cef877b8ac00ef6f9be7369a01bca7698c29c5cd1abe3f1990

    • SHA512

      650f13ae83009b586f66d1009784006260368dde1ca50377aa7175d1162b45dc18fb66cbabf7848c735029b27a71e70aebc37f7c551ddd58540d1a34f41501b6

    • SSDEEP

      768:TX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Tvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks