Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    44KB

  • Sample

    231011-pc2vmsed8x

  • MD5

    2931b842d14e1e28823790526008bc4d

  • SHA1

    e3374a7210e3d49ff20783895cf292706238680f

  • SHA256

    e503cee9f16f1d5290f3a77355863a246e34f3e20a66acbadcd358bdf4f5cde7

  • SHA512

    afe977940c18ece79183f3d07af3b6f5e0ef5791f3d9a369cd05f03678afad9bb4a69bd4887fabb39838cd385e5b841d0360ddda1c4fb58242de8a617dafe719

  • SSDEEP

    768:SX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Svrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

31.41.44.28

146.19.233.250

46.8.19.158
Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      44KB

    • MD5

      2931b842d14e1e28823790526008bc4d

    • SHA1

      e3374a7210e3d49ff20783895cf292706238680f

    • SHA256

      e503cee9f16f1d5290f3a77355863a246e34f3e20a66acbadcd358bdf4f5cde7

    • SHA512

      afe977940c18ece79183f3d07af3b6f5e0ef5791f3d9a369cd05f03678afad9bb4a69bd4887fabb39838cd385e5b841d0360ddda1c4fb58242de8a617dafe719

    • SSDEEP

      768:SX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Svrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks