gozi | c6b00d37bd00e9ced4c3e23fdb4d0e693032dc49b31c10247f516961e5ecdcfc | Triage

Sharing

General

Target

2000-58-0x00000000003E0000-0x00000000003F3000-memory.dmp
Size

76KB
Sample

240307-z2wp2aeb26
MD5

a31de6e88b288b37f6fc08ab2ecdd023
SHA1

573dbed3dc25e113251b401636a3384ba34695f9
SHA256

c6b00d37bd00e9ced4c3e23fdb4d0e693032dc49b31c10247f516961e5ecdcfc
SHA512

9c886324a765b71f9a4c48978cdc504c2c5094b402647b32ea8b0bac59b573cc9b6f0c6248d838531a2ec75004bd7d479bd8ea2eff5f3987ee8cab72672ab77d
SSDEEP

1536:iyFML+2YIf5YdDn/qGU1jDiMj//////////////////////////////////////S:iYM5n5eqGU13t

Score

10^/10

gozi 1000 ldr4

Malware Config

Extracted

Family

gozi

Botnet

1000

C2

https://vertalis.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  2000-58-0x00000000003E0000-0x00000000003F3000-memory.dmp
- Size
  
  76KB
- MD5
  
  a31de6e88b288b37f6fc08ab2ecdd023
- SHA1
  
  573dbed3dc25e113251b401636a3384ba34695f9
- SHA256
  
  c6b00d37bd00e9ced4c3e23fdb4d0e693032dc49b31c10247f516961e5ecdcfc
- SHA512
  
  9c886324a765b71f9a4c48978cdc504c2c5094b402647b32ea8b0bac59b573cc9b6f0c6248d838531a2ec75004bd7d479bd8ea2eff5f3987ee8cab72672ab77d
- SSDEEP
  
  1536:iyFML+2YIf5YdDn/qGU1jDiMj//////////////////////////////////////S:iYM5n5eqGU13t
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2