General

  • Target

    3e93dbd5b08b343f56a392f0d6ab5866aa2c0af38f8b772246e9b89ca30a0699

  • Size

    28KB

  • Sample

    240419-wyqstsbg76

  • MD5

    0e90df472a7b25eae5653f574b98b13c

  • SHA1

    bfc48ff12996d63d7b0e308efffa00b53f050fbf

  • SHA256

    3e93dbd5b08b343f56a392f0d6ab5866aa2c0af38f8b772246e9b89ca30a0699

  • SHA512

    65040f47c24144d95c4647c0373fdeba402e6dd574d992600f87a7d6b4ed162cdd154043a80fbabe5131032dd5100ba0a1098c7c6bfd60ba6fe34138357c0b7c

  • SSDEEP

    768:G8xfMG5Ajb9hICe42aEqB6eJzhAPmdgSaPMgTOC:G8VM0m2gz5MR

Score
10/10

Malware Config

Extracted

Family

gozi

Botnet

5050

C2

config.edge.skype.com

optinetwork.top

onlynetwork.top

internetcoca.in

dendexmm.com

Attributes
  • base_path

    /jerry/

  • build

    250249

  • exe_type

    loader

  • extension

    .bob

  • server_id

    50

rsa_pubkey.plain
aes.plain

Targets

    • Target

      9b769e4822c4820aeea6523972c025754e3186f520f76491f76ef4d316f06226

    • Size

      52KB

    • MD5

      425c3cc41b19e125f653323b0517a9d8

    • SHA1

      18b7d6b6436f7811ad10789a0207d1814db5c8c2

    • SHA256

      9b769e4822c4820aeea6523972c025754e3186f520f76491f76ef4d316f06226

    • SHA512

      cba90eed955ce0304f1219659424cf260f1f8bd8f9f5f88cc4035ee8525a4db8ec55005a4cbfbc2585f5c48268768ccda14303f034fa63fe22f20b85541a95af

    • SSDEEP

      768:hodCkt3SPs+rXgqc/z5Ewst1n5lhxsjnIY7Foymj5WOpFMiS4JowCyjQBOz:hodTYaz/ywsbzhsrmVWOpFMiS45QBOz

    Score
    1/10
