Overview

overview

10

Static

static

10

8de57105a5...d4.dll

windows7-x64

10

8de57105a5...d4.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8de57105a5e61088a78b9cb96f8ca0d4

  • Size

    136KB

  • Sample

    231219-yvzbxaadcj

  • MD5

    8de57105a5e61088a78b9cb96f8ca0d4

  • SHA1

    e6215f1c006f79f7dc519fc96d4e1b35d970d486

  • SHA256

    ea33608b909525aa0273e2afa350f081af19426bebb37ce30bea91e2f6374a44

  • SHA512

    acaea8833ef1a3f297423fc8cc24e140f12857daf2898b42678589036b928a3f49077875a465660f499d0ec0b90291e6dd42144d3e281adf67f50ec64b4dc315

  • SSDEEP

    3072:dqyk+pnRBTZ5hUC6lVUtWsMcig8OtQ5Amyosb/K3x9:dXnbTNalutccig8Dqmyosm

Score
10/10
gozi1000bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Botnet

1000

C2

tandlawsnative.su/ne_utils/front/xxx

leendeilco-1000.su/ne_utils/front/xxx

princlegislative.su/ne_utils/front/xxx
Attributes
  • exe_type

    worker

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      8de57105a5e61088a78b9cb96f8ca0d4

    • Size

      136KB

    • MD5

      8de57105a5e61088a78b9cb96f8ca0d4

    • SHA1

      e6215f1c006f79f7dc519fc96d4e1b35d970d486

    • SHA256

      ea33608b909525aa0273e2afa350f081af19426bebb37ce30bea91e2f6374a44

    • SHA512

      acaea8833ef1a3f297423fc8cc24e140f12857daf2898b42678589036b928a3f49077875a465660f499d0ec0b90291e6dd42144d3e281adf67f50ec64b4dc315

    • SSDEEP

      3072:dqyk+pnRBTZ5hUC6lVUtWsMcig8OtQ5Amyosb/K3x9:dXnbTNalutccig8Dqmyosm

    Score
    10/10
    gozibankertrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks