Overview

overview

10

Static

static

3

51ce5df162...ae.dll

windows7-x64

10

51ce5df162...ae.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    51ce5df162143fe278a4cf35d2c107ae

  • Size

    643KB

  • Sample

    240110-2jm2aahehm

  • MD5

    51ce5df162143fe278a4cf35d2c107ae

  • SHA1

    7b2e60a0e7ac57774ad25636941acefdff79e424

  • SHA256

    bd27499ca567aa4f05905c3c093d86afbb680ce31b0be17a427db12a0c1318bf

  • SHA512

    36fd0fe17f083037e457a2b3dc9c1156f52e7acc168338969c40d67b2826be9aabb4f4cefe334d5e82b334a1fc4fa2245655687c60b66add680f949d95ad2eed

  • SSDEEP

    12288:HMUpikM1ABVY4lsBnllWzwazxRvwP9QKC71L715+PoR5nFIlW2i:K4Y4lglQzwyxRvw1SJLT5FIV

Score
10/10
gozi1500bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

gtr.antoinfer.com

app.bighomegl.at
Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      51ce5df162143fe278a4cf35d2c107ae

    • Size

      643KB

    • MD5

      51ce5df162143fe278a4cf35d2c107ae

    • SHA1

      7b2e60a0e7ac57774ad25636941acefdff79e424

    • SHA256

      bd27499ca567aa4f05905c3c093d86afbb680ce31b0be17a427db12a0c1318bf

    • SHA512

      36fd0fe17f083037e457a2b3dc9c1156f52e7acc168338969c40d67b2826be9aabb4f4cefe334d5e82b334a1fc4fa2245655687c60b66add680f949d95ad2eed

    • SSDEEP

      12288:HMUpikM1ABVY4lsBnllWzwazxRvwP9QKC71L715+PoR5nFIlW2i:K4Y4lglQzwyxRvw1SJLT5FIV

    Score
    10/10
    gozi1500bankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks