Overview

overview

10

Static

static

10

202020x000...JC.exe

windows7-x64

1

202020x000...JC.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    202020x00000000004000000x0000000000486000memory_JC.dmp

  • Size

    536KB

  • Sample

    231012-sw9alsah27

  • MD5

    6ce7ab98e77418690e6461cd1edc389a

  • SHA1

    07716c2d2591665b1e9631b1729aab0b580d1196

  • SHA256

    24d7c6b0e067153264531c0c9f8ec68743b88c5ded5d5239a03cd1d79ceed91d

  • SHA512

    ca35544003abeece0831bacda7134cee4607a69a53394416153c43fc38fbdb7286637c4da8c4dcda911792ed373d1427070df4d4cf62782de4bfccc315d15fe5

  • SSDEEP

    3072:TrPI5jSu1GgDgfA4D3QU9ZO2O/s7J9WsLjaeAw2BjihJirmRX815QRe0TJc4:zu1GgDGJrQU9ZDtd3aeANkcaRD80T

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

https://avas1ta.com/in/login/

192.121.22.216

http://mimemoa.com
Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      202020x00000000004000000x0000000000486000memory_JC.dmp

    • Size

      536KB

    • MD5

      6ce7ab98e77418690e6461cd1edc389a

    • SHA1

      07716c2d2591665b1e9631b1729aab0b580d1196

    • SHA256

      24d7c6b0e067153264531c0c9f8ec68743b88c5ded5d5239a03cd1d79ceed91d

    • SHA512

      ca35544003abeece0831bacda7134cee4607a69a53394416153c43fc38fbdb7286637c4da8c4dcda911792ed373d1427070df4d4cf62782de4bfccc315d15fe5

    • SSDEEP

      3072:TrPI5jSu1GgDgfA4D3QU9ZO2O/s7J9WsLjaeAw2BjihJirmRX815QRe0TJc4:zu1GgDGJrQU9ZDtd3aeANkcaRD80T

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks