General

  • Target: c6fb26e9b766e7c3981718d0be69da30888af632365b5eb05b8930d32f518945
  • Size: 28KB
  • Sample: 240419-wybnxacf3v
  • MD5: 8b1c1f8a9d4ff0b46d36452228be5d29
  • SHA1: 4d7c390379dfeb169f8d63b48d694a4bc9d88e6d
  • SHA256: c6fb26e9b766e7c3981718d0be69da30888af632365b5eb05b8930d32f518945
  • SHA512: a374fc30b739aa738429fd38aa1da0cae3afa3357f2336aa21b2f149f5ee665ac459a88aa0bca116949330a8e842f7f2ab0da2a8a181421fdab226911b91d06e
  • SSDEEP: 768:kU3kG24DQ9/67QcsFqY4eh+FtSkP2jDC6kNSi:RXnDcS7QcsFTjQ/uXkAi

Score
10/10

Malware Config

Extracted

Family: gozi

Botnet: 7708

C2:
  • checklist.skype.com
  • 185.31.160.197
  • 31.41.44.76
  • 194.116.163.130

Attributes
  • base_path: /drew/
  • build: 250255
  • exe_type: loader
  • extension: .jlk
  • server_id: 50

rsa_pubkey.plain
aes.plain

Targets

    • Target: b994d6c78aab2c73c21bbebc4ae04a003d18d98da6a840e265f2f028110adb46
    • Size: 43KB
    • MD5: fde4530b8ed09f2923da13c8ef15de28
    • SHA1: 628fa92c9bd6ebc83d098a577bd2807ea0bc3f5c
    • SHA256: b994d6c78aab2c73c21bbebc4ae04a003d18d98da6a840e265f2f028110adb46
    • SHA512: c153998a2ccd141c23c347ddf088c7243eda3d136ba9b31b176ef14d2aade6b737e0f78eff0edcd1dd8f3cc8a402cde3c0e30cc9d3cb4fa46a89518c6c9a3e29
    • SSDEEP: 768:L0gsqVXye2rS/Q4VYXQIVpCHlNBmQWGk2j+A6ewBvu7gpzhK3D1Gc:L9sq8S/QEYXQIVWlvmYp6ewNu7hD1Gc

    Score
    1/10

MITRE ATT&CK Matrix

Tasks