Overview

overview

10

Static

static

10

2e0d819a66...c5.dll

windows7-x64

3

2e0d819a66...c5.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5

  • Size

    56KB

  • Sample

    231204-j7eqpshh78

  • MD5

    1c747e00d3ec0920c3d07e06de761e64

  • SHA1

    e89861d554ae39e238f23112c242d5334db2e6cb

  • SHA256

    2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5

  • SHA512

    510957a0f6927309fd9fe4315138e09bcdd5e1f14bd6129746cace62ac19f5b6360113c7938b6b85093065976b48d543968f5782bc21b2c20bcbd13aa399e271

  • SSDEEP

    768:A21n5lRGhic4Z1KvY2FyZWjlC/gL8MNF7yNcYNzB1BA5V53vrUZKmdbhrknZ:35lCic4Z1DUAsw/gfBWD1ybm1hiZ

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

https://avas1ta.com/in/login/

itwicenice.com
Attributes
  • base_path

    /jerry/

  • build

    250259

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5

    • Size

      56KB

    • MD5

      1c747e00d3ec0920c3d07e06de761e64

    • SHA1

      e89861d554ae39e238f23112c242d5334db2e6cb

    • SHA256

      2e0d819a664dc1682ae860ac0bc24a827722fb0d782d15d32c4acce7cfedfcc5

    • SHA512

      510957a0f6927309fd9fe4315138e09bcdd5e1f14bd6129746cace62ac19f5b6360113c7938b6b85093065976b48d543968f5782bc21b2c20bcbd13aa399e271

    • SSDEEP

      768:A21n5lRGhic4Z1KvY2FyZWjlC/gL8MNF7yNcYNzB1BA5V53vrUZKmdbhrknZ:35lCic4Z1DUAsw/gfBWD1ybm1hiZ

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks