Overview

overview

10

Static

static

10

3580-137-0...ry.dll

windows7-x64

1

3580-137-0...ry.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3580-137-0x00000000024A0000-0x00000000024AE000-memory.dmp

  • Size

    56KB

  • Sample

    240308-e3qvysgb3y

  • MD5

    39db4f55227e87e27f9c5e28957f6923

  • SHA1

    cb8ad017b214dca408f5940195438ff5600d5ef1

  • SHA256

    1f776629324b0e2ec4ce6d5a252550f74fedd784b2f8412ab6d0228f2db03585

  • SHA512

    ae6d2e56806bad8c267590ab38918bf7f4334e8eb681f778f36814a7ea30dafe8a4de1891e427925f386a9b81629276b9fd76f3ffaea119c4a8b396571b04717

  • SSDEEP

    768:A2k0DToAPYmMNvwEy6jpY5uMIyfcjlQg6zVjVl55fNIBl/DOg0zBw8:K0DTosYmMbB5zyYlyrlvfNIXDOgMw8

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

https://fazz.bing.com/check

dretils.com
Attributes
  • base_path

    /jerry/

  • build

    250257

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      3580-137-0x00000000024A0000-0x00000000024AE000-memory.dmp

    • Size

      56KB

    • MD5

      39db4f55227e87e27f9c5e28957f6923

    • SHA1

      cb8ad017b214dca408f5940195438ff5600d5ef1

    • SHA256

      1f776629324b0e2ec4ce6d5a252550f74fedd784b2f8412ab6d0228f2db03585

    • SHA512

      ae6d2e56806bad8c267590ab38918bf7f4334e8eb681f778f36814a7ea30dafe8a4de1891e427925f386a9b81629276b9fd76f3ffaea119c4a8b396571b04717

    • SSDEEP

      768:A2k0DToAPYmMNvwEy6jpY5uMIyfcjlQg6zVjVl55fNIBl/DOg0zBw8:K0DTosYmMbB5zyYlyrlvfNIXDOgMw8

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks