Overview

overview

10

Static

static

3

6ed40ad3a1...ab.dll

windows7-x64

10

6ed40ad3a1...ab.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ed40ad3a1cde5271687f5f9baad73ab

  • Size

    520KB

  • Sample

    240122-f2stlahfc9

  • MD5

    6ed40ad3a1cde5271687f5f9baad73ab

  • SHA1

    1bbd961e12e374780d95d9bb0986c49488cdf788

  • SHA256

    f7b13b86ffef13feb5f3e6f01bf5aec3e333ecfbfeb43dcce22e9ba5cd53f0a9

  • SHA512

    08ce35e6bfac42004057acb6a913417e2435d045b8d214160f56fa600a317535a9882ff7a28d2498a15ef81354f1da460a033725691221835762d2885de2b22f

  • SSDEEP

    12288:0/1dF5oiiOpCp1wwMnJPLHD/4M1kPD7KrY4Zk1Af0fSlllll/lllllj1OrvhcGX:0/h5aOwI1HcR7P4m1AESlllll/lllll0

Score
10/10
gozi1500bankerisfbtrojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

gtr.antoinfer.com

app.bighomegl.at
Attributes
  • build

    250211

  • exe_type

    loader

  • server_id

    580

rsa_pubkey.plain
aes.plain

Targets

    • Target

      6ed40ad3a1cde5271687f5f9baad73ab

    • Size

      520KB

    • MD5

      6ed40ad3a1cde5271687f5f9baad73ab

    • SHA1

      1bbd961e12e374780d95d9bb0986c49488cdf788

    • SHA256

      f7b13b86ffef13feb5f3e6f01bf5aec3e333ecfbfeb43dcce22e9ba5cd53f0a9

    • SHA512

      08ce35e6bfac42004057acb6a913417e2435d045b8d214160f56fa600a317535a9882ff7a28d2498a15ef81354f1da460a033725691221835762d2885de2b22f

    • SSDEEP

      12288:0/1dF5oiiOpCp1wwMnJPLHD/4M1kPD7KrY4Zk1Af0fSlllll/lllllj1OrvhcGX:0/h5aOwI1HcR7P4m1AESlllll/lllll0

    Score
    10/10
    gozi1500bankerisfbtrojan

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

      bankertrojangozi
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks