Overview

overview

10

Static

static

3

d4e90cf738...85.dll

windows7-x64

10

d4e90cf738...85.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d4e90cf7388f89bbbaff36b28145a485

  • Size

    378KB

  • Sample

    231220-spbe1addgp

  • MD5

    d4e90cf7388f89bbbaff36b28145a485

  • SHA1

    ae09ab502797805f6d4a7fd02496e5a5a06bb70b

  • SHA256

    93d897574a629e5d5730c685d9d0b81fc24ae47a78394cdd1700cc388b4462f7

  • SHA512

    8ac6e20d8be96f23983f6b56f26c89e56f801709c6c24d8e30cee24e6a0636a8b421ffb9a377aaf2fd66d910a914662a88cd2543efb8a58fb138a1779541e259

  • SSDEEP

    6144:NAqX6GBMYdZdpfkmGjwSgF8H3V6UclT5wdL5FczVN877v4FOH/:N5qQdZrkmGs58H3k/15wdL5OVN877aG

Score
10/10
gozi1500bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

app.buboleinov.com

chat.veminiare.com

chat.billionady.com

app3.maintorna.com
Attributes
  • build

    250188

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      d4e90cf7388f89bbbaff36b28145a485

    • Size

      378KB

    • MD5

      d4e90cf7388f89bbbaff36b28145a485

    • SHA1

      ae09ab502797805f6d4a7fd02496e5a5a06bb70b

    • SHA256

      93d897574a629e5d5730c685d9d0b81fc24ae47a78394cdd1700cc388b4462f7

    • SHA512

      8ac6e20d8be96f23983f6b56f26c89e56f801709c6c24d8e30cee24e6a0636a8b421ffb9a377aaf2fd66d910a914662a88cd2543efb8a58fb138a1779541e259

    • SSDEEP

      6144:NAqX6GBMYdZdpfkmGjwSgF8H3V6UclT5wdL5FczVN877v4FOH/:N5qQdZrkmGs58H3k/15wdL5OVN877aG

    Score
    10/10
    gozi1500bankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks