General

  • Target

    e864e061f55ec7abf779a6dc386b114b_JaffaCakes118

  • Size

    520KB

  • Sample

    240408-zn3w7abf32

  • MD5

    e864e061f55ec7abf779a6dc386b114b

  • SHA1

    aa1e9ead2b85731087922dd86935d13c17b7a241

  • SHA256

    60e5b4e544f0a8c757025ff36c8a2bbd3175bfff88d1e7c9d1de788b3d3b6c3b

  • SHA512

    cad8bfd8c8ada9256d053ed014de1f15233a51919eacd98df4658260368835a84302d8c9119dd7d92a770b9295551f3d615fa6d8ff338717c35247978cf69a49

  • SSDEEP

    12288:0/1dF5oiiOpCp1wwMnJxLHD/4M1kPD7KrY4Zk1Af0fSlllll/lllllj1OrvhcGX:0/h5aOwIfHcR7P4m1AESlllll/lllll0

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1500

C2

gtr.antoinfer.com

app.bighomegl.at

Attributes

  • build

    250211

  • exe_type

    loader

  • server_id

    580

  • rsa_pubkey.plain

  • aes.plain

Targets

    • Gozi

      Gozi is a well-known and widely distributed banking trojan.

MITRE ATT&CK Matrix

Tasks