Overview

overview

10

Static

static

3

05a6835aba...d6.dll

windows7-x64

10

05a6835aba...d6.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    05a6835aba75311feb877f4a0c6855d6

  • Size

    643KB

  • Sample

    231229-2e76nahah2

  • MD5

    05a6835aba75311feb877f4a0c6855d6

  • SHA1

    9a175029f1b889383fbc857747bec4fe04cbb86e

  • SHA256

    bde1754782089b9c86037b3eb77479be42162da618b3f539844d2fdf0df0fb95

  • SHA512

    4c53c0ccf908191617c460dab44424a112aef98312d668e01ff231fd314004874280b2a588e005a41c9a550b239c1b01f8d50586871723b899814673ce43a085

  • SSDEEP

    12288:HMUpikM1ABVY4lsBnllWzwazxRvwN9QKC71L715+PoR5nFIlW2i:K4Y4lglQzwyxRvwDSJLT5FIV

Score
10/10
gozi1500bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

gtr.antoinfer.com

app.bighomegl.at
Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      05a6835aba75311feb877f4a0c6855d6

    • Size

      643KB

    • MD5

      05a6835aba75311feb877f4a0c6855d6

    • SHA1

      9a175029f1b889383fbc857747bec4fe04cbb86e

    • SHA256

      bde1754782089b9c86037b3eb77479be42162da618b3f539844d2fdf0df0fb95

    • SHA512

      4c53c0ccf908191617c460dab44424a112aef98312d668e01ff231fd314004874280b2a588e005a41c9a550b239c1b01f8d50586871723b899814673ce43a085

    • SSDEEP

      12288:HMUpikM1ABVY4lsBnllWzwazxRvwN9QKC71L715+PoR5nFIlW2i:K4Y4lglQzwyxRvwDSJLT5FIV

    Score
    10/10
    gozi1500bankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks