Overview

overview

10

Static

static

10

1176-55-0x...ry.dll

windows7-x64

3

1176-55-0x...ry.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1176-55-0x0000000000180000-0x000000000018E000-memory.dmp

  • Size

    56KB

  • Sample

    240312-pk6hssgf4s

  • MD5

    592035f21b021ece347aa4583bbe8f8f

  • SHA1

    c0ef6fd0964489e9a8174e13233df026fbd1aaa0

  • SHA256

    77f47300b9a3200911357446fcca87c60bbe1ed790c3f0e5b5da775164f67a2c

  • SHA512

    7456247967fe1cb79d11defdc8631677c10f0aac0a93d783d8eeb49a822bede50ffed7994ce7361caadbebc7944d020da7e0d4f893958f8524538ac53c451b20

  • SSDEEP

    1536:wi6qeSQiSCPALw/g8yH/cgownoJyCVDxGyxE2:6qeSjVPZ/fyH/TowosYGy

Score
10/10
gozi5050isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

5050

C2

https://avas1ta.com/in/login/

njamma.com
Attributes
  • base_path

    /jerry/

  • build

    250259

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      1176-55-0x0000000000180000-0x000000000018E000-memory.dmp

    • Size

      56KB

    • MD5

      592035f21b021ece347aa4583bbe8f8f

    • SHA1

      c0ef6fd0964489e9a8174e13233df026fbd1aaa0

    • SHA256

      77f47300b9a3200911357446fcca87c60bbe1ed790c3f0e5b5da775164f67a2c

    • SHA512

      7456247967fe1cb79d11defdc8631677c10f0aac0a93d783d8eeb49a822bede50ffed7994ce7361caadbebc7944d020da7e0d4f893958f8524538ac53c451b20

    • SSDEEP

      1536:wi6qeSQiSCPALw/g8yH/cgownoJyCVDxGyxE2:6qeSjVPZ/fyH/TowosYGy

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks