Overview

overview

10

Static

static

10

gozi.dll

windows7-x64

1

gozi.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    gozi.payload-disk

  • Size

    44KB

  • Sample

    231012-qp5bzadh54

  • MD5

    0d46673d3743117f0a93ddc51c54c90b

  • SHA1

    7dbef61871d78b6d3cdd7960f284860ef87ef025

  • SHA256

    97590e4683abd8a7c02dfd85961e78d4ce592dec814b5babd78d123f25396631

  • SHA512

    0fc1f7719f11d105b12f985ed528dd7722a48858d0a883a45000b94401e3d4b72457ec91b207cec1f6da070231fb96449e24adb1040b9c6a1b0f9d8a2c7b39cf

  • SSDEEP

    768:WX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Wvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

fotexion.com

Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      gozi.payload-disk

    • Size

      44KB

    • MD5

      0d46673d3743117f0a93ddc51c54c90b

    • SHA1

      7dbef61871d78b6d3cdd7960f284860ef87ef025

    • SHA256

      97590e4683abd8a7c02dfd85961e78d4ce592dec814b5babd78d123f25396631

    • SHA512

      0fc1f7719f11d105b12f985ed528dd7722a48858d0a883a45000b94401e3d4b72457ec91b207cec1f6da070231fb96449e24adb1040b9c6a1b0f9d8a2c7b39cf

    • SSDEEP

      768:WX/rx/qCa8OmwxfhqwSJ9z7XdjP0lBdCEtDsh4eLiTL7gpP1ZXOTy:Wvrx/qp8OmwxfhyVxQlBdvW4eLOL7eX7

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks