Overview

overview

10

Static

static

3

3ee784b20a...6c.dll

windows7-x64

10

3ee784b20a...6c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ee784b20a405a7b032728a7bcac456c

  • Size

    339KB

  • Sample

    231222-bc1exscbh8

  • MD5

    3ee784b20a405a7b032728a7bcac456c

  • SHA1

    d1b224481e428fc86e9c55e2ff138b30b5cfbfab

  • SHA256

    3fd290e335098184c8c2973272660f506c89f329a37cf590608863d002333386

  • SHA512

    7f5dd561e321b3787e65b478aab720ac8aeb95034567c3b942184b6f35f011474415ba5714488a968815a7351e0c44b129d686877392225a2aeca361aab7adac

  • SSDEEP

    6144:yn/kVHHrwBEHwUwnWciWMVkI8MxUaFL4+7pWiyrVT:y/kGBCwUK8WMVF6+vyrZ

Score
10/10
gozi1500bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

atl.bigbigpoppa.com

pop.urlovedstuff.com
Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      3ee784b20a405a7b032728a7bcac456c

    • Size

      339KB

    • MD5

      3ee784b20a405a7b032728a7bcac456c

    • SHA1

      d1b224481e428fc86e9c55e2ff138b30b5cfbfab

    • SHA256

      3fd290e335098184c8c2973272660f506c89f329a37cf590608863d002333386

    • SHA512

      7f5dd561e321b3787e65b478aab720ac8aeb95034567c3b942184b6f35f011474415ba5714488a968815a7351e0c44b129d686877392225a2aeca361aab7adac

    • SSDEEP

      6144:yn/kVHHrwBEHwUwnWciWMVkI8MxUaFL4+7pWiyrVT:y/kGBCwUK8WMVF6+vyrZ

    Score
    10/10
    gozi1500bankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks