Overview

overview

10

Static

static

10

1604-5-0x0...ry.exe

windows7-x64

1604-5-0x0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1604-5-0x0000000000400000-0x000000000040F000-memory.dmp

  • Size

    60KB

  • Sample

    231014-2jvfcsea95

  • MD5

    c1dc2ef84712371370dfd25a08780d31

  • SHA1

    3435ffb503883df7761d1c3d240181aed2bd2f00

  • SHA256

    37828f27a75e73124a7cf2e2af1e2cd8523f16a64b183190d7209faab5271592

  • SHA512

    793ac7d1e111cea6513e8bc6969c00ed93890162daf2223dd08bf090dee2d17b6ef7262933d32ff22f6d0e80c54edaab41e360ef87da29dceadeac608d9e6a69

  • SSDEEP

    768:KA3rPI5jShpW1vswlZlyh8Kl7aQixYgxYJmv0NHY7lbI+gFfp:Z3rPI5jSu1xZliVJaf3C7YJI+ufp

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

http://iextrawebty.com

Attributes
  • base_path

    /jerry/

  • build

    250260

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1604-5-0x0000000000400000-0x000000000040F000-memory.dmp

    • Size

      60KB

    • MD5

      c1dc2ef84712371370dfd25a08780d31

    • SHA1

      3435ffb503883df7761d1c3d240181aed2bd2f00

    • SHA256

      37828f27a75e73124a7cf2e2af1e2cd8523f16a64b183190d7209faab5271592

    • SHA512

      793ac7d1e111cea6513e8bc6969c00ed93890162daf2223dd08bf090dee2d17b6ef7262933d32ff22f6d0e80c54edaab41e360ef87da29dceadeac608d9e6a69

    • SSDEEP

      768:KA3rPI5jShpW1vswlZlyh8Kl7aQixYgxYJmv0NHY7lbI+gFfp:Z3rPI5jSu1xZliVJaf3C7YJI+ufp

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks