General

  • Target

    9f9830791b377db452e376b1f5b7a609

  • Size

    643KB

  • Sample

    240216-gj25zsbf85

  • MD5

    9f9830791b377db452e376b1f5b7a609

  • SHA1

    4a7bb8bf507fbcd55aad260b9de7aad24a8ce83a

  • SHA256

    e1eccd1c27d390a9b08fe3314e450b97348d36fccf0cdada901edf9270a503bd

  • SHA512

    10a948089c3a6989db5c62091f76309e3c7b8ad884cd09fa5c914ae7ac5981831e618d2ee9d5d412f8ef79616d60e03f13250d074f713d21f50a3db4e74b5b7c

  • SSDEEP

    12288:HMUpikM1ABVY4lsBnllWzwazxRvwZ9QKC71L715+PoR5nFIlW2i:K4Y4lglQzwyxRvw/SJLT5FIV

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

gtr.antoinfer.com

app.bighomegl.at

Attributes

  • build

    250211

  • exe_type

    loader

  • server_id

    580

  • rsa_pubkey.plain

  • aes.plain

Targets

    • Target

      9f9830791b377db452e376b1f5b7a609


    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

MITRE ATT&CK Matrix

Tasks