General

  • Target

    2d64f3a3099cf3803a2af68f0b784ec7

  • Size

    461KB

  • Sample

    231231-ja18faadf4

  • MD5

    2d64f3a3099cf3803a2af68f0b784ec7

  • SHA1

    ca7046ebe78496d1be9884ce9bd36abd05284af1

  • SHA256

    6589003cf1942258e49562dbec1dec0eae7474d423e757a675004bd900cd79a0

  • SHA512

    b881184c93b80734444e2e74abcaff144c368a701d5ccf7014098ac6b2febfddfc70322f5728bc9c0f5d5a3b6d631c4543b71b8bcb9fe816aa7840fe85e20433

  • SSDEEP

    12288:mxIkdQI90tC1o4ivB/QD3Jv58kEPGxU3aV+2d:5pI90k3ivB/Q1mZ73a42

Malware Config

Extracted

Family

gozi

Botnet

1500

C2

gtr.antoinfer.com

app.bighomegl.at

Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.
