General

  • Target

    07684da40ad79495b5db6ddcf723bd8e

  • Size

    568KB

  • Sample

    231229-3r4vfaabej

  • MD5

    07684da40ad79495b5db6ddcf723bd8e

  • SHA1

    7a7b3294628bd170ae0ca85ec533be7e0d409053

  • SHA256

    683f12747c11016669f9a7413b8975c615f39d2d530b1825eff8a36479e303ff

  • SHA512

    23864fd1e5cb5860264631d7da50990a12d4f8aabac6b761f6e44e56b4be16263d5589978265b63b1ad4af10452bddc72f73845f03a683d2efd4344521eefb00

  • SSDEEP

    12288:1fIK0Xnn2SAXZUgKPLWg4+cLeWNTOg2d1yrvF:J4XnnzAX+zPqzLL3l2jyr

Malware Config

Extracted

Family

gozi

Botnet

8877

C2

outlook.com

boyuleruner.online

coyuleruner.online

Attributes
  • base_path

    /tragli/

  • build

    250207

  • dga_season

    10

  • exe_type

    loader

  • extension

    .brw

  • server_id

    12

rsa_pubkey.plain
serpent.plain

Targets

    • Target

      07684da40ad79495b5db6ddcf723bd8e

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.
