gozi | e233642b9cb70dfe4e1fef85988b937e7461dbd41eafbd59694f65e5ddef28f4 | Triage

Sharing

General

Target

e233642b9cb70dfe4e1fef85988b937e7461dbd41eafbd59694f65e5ddef28f4.exe
Size

264KB
Sample

240726-g82kraveka
MD5

d883ae7403f3adee8c0831c3aac4c208
SHA1

07658014aefe68ef5f1bc9c19552b371d7aabd70
SHA256

e233642b9cb70dfe4e1fef85988b937e7461dbd41eafbd59694f65e5ddef28f4
SHA512

929c8bc0a282af167cc0ae1a4695f3367ff899f0ee066ebfd7d95fcdd58bcc734d7c55495f87930df3b2c715ce765f0cc777d59c536e318a34e4c10219b3b52e
SSDEEP

6144:PNdMYdCojCslz3q43XjsEV+FAmpRYtxslEXcMiECHlkTE:VdpdCeqsj90ppy0qXrZgaE

Score

10^/10

gozi 4099 discovery isfb

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

4099

Attributes

exe_type
worker

rsa_pubkey.plain

Targets

- Target
  
  e233642b9cb70dfe4e1fef85988b937e7461dbd41eafbd59694f65e5ddef28f4.exe
- Size
  
  264KB
- MD5
  
  d883ae7403f3adee8c0831c3aac4c208
- SHA1
  
  07658014aefe68ef5f1bc9c19552b371d7aabd70
- SHA256
  
  e233642b9cb70dfe4e1fef85988b937e7461dbd41eafbd59694f65e5ddef28f4
- SHA512
  
  929c8bc0a282af167cc0ae1a4695f3367ff899f0ee066ebfd7d95fcdd58bcc734d7c55495f87930df3b2c715ce765f0cc777d59c536e318a34e4c10219b3b52e
- SSDEEP
  
  6144:PNdMYdCojCslz3q43XjsEV+FAmpRYtxslEXcMiECHlkTE:VdpdCeqsj90ppy0qXrZgaE
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2