General
-
Target
working_gozi_payload.exe.dll
-
Size
44KB
-
Sample
231011-lf792sfg87
-
MD5
f2fce2e4bcb49ba32df2a5d4bb8c6644
-
SHA1
c53eba835d111b487b3550ebeac4e556b7c58e75
-
SHA256
62b82255d14250c31bea18c23a0d468ced0f552ad488e9f869a2eb4ff00afce4
-
SHA512
4fe204c3370c23571105c69338c497bd3b84c5db9caf8e27530fc809c124cbe1b8eac15bec95494414e89e4f7e1a8733e1df5024fbf81e6627e3ca86e84e0723
-
SSDEEP
768:SX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Svrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7
Behavioral task
behavioral1
Sample
working_gozi_payload.exe.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
working_gozi_payload.exe.dll
Resource
win10v2004-20230915-en
Malware Config
Extracted
gozi
5050
netsecurez.com
whofoxy.com
mimemoa.com
ntcgo.com
-
base_path
/jerry/
-
build
250260
-
exe_type
loader
-
extension
.bob
-
server_id
50
Targets
-
-
Target
working_gozi_payload.exe.dll
-
Score
1/10