Overview

overview

10

Static

static

10

unpacked_ursnif.dll

windows7-x64

3

unpacked_ursnif.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    unpacked_ursnif.bin

  • Size

    52KB

  • Sample

    231011-n8bsnadg9s

  • MD5

    a069a2a61eaa75e9440d1c57bc66a902

  • SHA1

    0c3ac192ffb1871916e1c520b13057165a1aa888

  • SHA256

    9a7b02dce4e5e370cca6b2d51d7e19ee267e87054e50933296ae9c802aba3732

  • SHA512

    f7c0a7885ed448ca8b415f3ac4d828c2510122d8ab782e105ddf53e057ea5db324c13489718021271c46244daceceb01e3060cf37a186cf95ced7792eb367dda

  • SSDEEP

    768:Riirx/qT2zemt3fhwO8hEUumiw8v/MC2CyTQvnz3NsMe1ZXOTy:RBrx/qizemt3fhMXgvrrvnz3NsMkXOO

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

31.41.44.28

146.19.233.250

46.8.19.158
Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      unpacked_ursnif.bin

    • Size

      52KB

    • MD5

      a069a2a61eaa75e9440d1c57bc66a902

    • SHA1

      0c3ac192ffb1871916e1c520b13057165a1aa888

    • SHA256

      9a7b02dce4e5e370cca6b2d51d7e19ee267e87054e50933296ae9c802aba3732

    • SHA512

      f7c0a7885ed448ca8b415f3ac4d828c2510122d8ab782e105ddf53e057ea5db324c13489718021271c46244daceceb01e3060cf37a186cf95ced7792eb367dda

    • SSDEEP

      768:Riirx/qT2zemt3fhwO8hEUumiw8v/MC2CyTQvnz3NsMe1ZXOTy:RBrx/qizemt3fhMXgvrrvnz3NsMkXOO

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks