Overview

overview

10

Static

static

10

736-55-0x0...ry.dll

windows7-x64

3

736-55-0x0...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    736-55-0x0000000000170000-0x000000000017E000-memory.dmp

  • Size

    56KB

  • Sample

    240308-ey9ghafb24

  • MD5

    2f06f06d8acb6c26e468481c8ea8b3f9

  • SHA1

    5df077148b0e58b929c249af0dd6bba124cfa2c8

  • SHA256

    389ced69beed12e787c90a3e5ecd6ff9ac16fee90b268112e8b73b1f369815f0

  • SHA512

    b093e4dbde1453d4db3976413f4bb9a7471a82075583b03bff97dcccbb5a458017f7ae8da37a4adb7de9159cc1e19d67d91c5c5fe910f7d238ad71a1f23d6bcc

  • SSDEEP

    768:A2mo1LNxxkYmouv1Ey6jpY5uMIyfcjlQg6zVjVl55fNIBl/DOg0zBw8:go1LNx6YmWB5zyYlyrlvfNIXDOgMw8

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

https://fazz.bing.com/check

dretils.com
Attributes
  • base_path

    /jerry/

  • build

    250257

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      736-55-0x0000000000170000-0x000000000017E000-memory.dmp

    • Size

      56KB

    • MD5

      2f06f06d8acb6c26e468481c8ea8b3f9

    • SHA1

      5df077148b0e58b929c249af0dd6bba124cfa2c8

    • SHA256

      389ced69beed12e787c90a3e5ecd6ff9ac16fee90b268112e8b73b1f369815f0

    • SHA512

      b093e4dbde1453d4db3976413f4bb9a7471a82075583b03bff97dcccbb5a458017f7ae8da37a4adb7de9159cc1e19d67d91c5c5fe910f7d238ad71a1f23d6bcc

    • SSDEEP

      768:A2mo1LNxxkYmouv1Ey6jpY5uMIyfcjlQg6zVjVl55fNIBl/DOg0zBw8:go1LNx6YmWB5zyYlyrlvfNIXDOgMw8

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks