gozi | 95b0e99fb2cd5d6385804c9fdab90dec3e958810b5fd3deb4a1e5c37df90217f | Triage

Sharing

General

Target

1472-58-0x00000000001C0000-0x00000000001D3000-memory.dmp
Size

76KB
Sample

240304-b7wefsee8y
MD5

db6ba424b421e9ede7ce14f5dc25c6fa
SHA1

28852137bf3752177fde218a3b12b3fecb9ab049
SHA256

95b0e99fb2cd5d6385804c9fdab90dec3e958810b5fd3deb4a1e5c37df90217f
SHA512

8ab33e8cdda284e6f4c43bf11b12b6e2bf32a658fd7d674ddb43e8895dff5af9d35a4f73d636b42afe8e3852b006da88cf88362f1f7e424dd1819fa3a2283449
SSDEEP

768:KGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEBs:KyFML+2YIf5YdDn/qGU1jDiX

Score

10^/10

gozi 1000 ldr4

Malware Config

Extracted

Family

gozi

Botnet

1000

C2

https://ceredovza.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  1472-58-0x00000000001C0000-0x00000000001D3000-memory.dmp
- Size
  
  76KB
- MD5
  
  db6ba424b421e9ede7ce14f5dc25c6fa
- SHA1
  
  28852137bf3752177fde218a3b12b3fecb9ab049
- SHA256
  
  95b0e99fb2cd5d6385804c9fdab90dec3e958810b5fd3deb4a1e5c37df90217f
- SHA512
  
  8ab33e8cdda284e6f4c43bf11b12b6e2bf32a658fd7d674ddb43e8895dff5af9d35a4f73d636b42afe8e3852b006da88cf88362f1f7e424dd1819fa3a2283449
- SSDEEP
  
  768:KGysYcthPbMLsPwFuY2RrQI6jRdB53st+1GJ0V0ezPQdDVJb0OTrd4fJDVLOPEBs:KyFML+2YIf5YdDn/qGU1jDiX
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2