gozi

General

Target

f99dd97126089a4dc1e1e586f4e202dd_JaffaCakes118
Size

1.8MB
Sample

240927-dws63awanh
MD5

f99dd97126089a4dc1e1e586f4e202dd
SHA1

407f3759f208d38377fdc29fad2dac9a2b5c6d21
SHA256

0034e3c675681f6b681a082b90d892274646cadd3165755ba47b14b04d8687a5
SHA512

a0a85275c3a4dba098bd5b3dacd18cc699039ac608606302a5fdbbac3ecee87a39bbceee4915e853233f10224fa20fcceec3eac5ac4c4d438ad75b830c6a07d9
SSDEEP

49152:wK+Hl4vGdpSL5ktmiMb6eMxbqgu+uZtn7SNp7bd4r54pHduC:j+Hl4vEpbtmiMb6ehgu+uZtn2H7bd4r2

Score

10^/10

Malware Config

Extracted

Family

gozi

Attributes

build
214098

Extracted

Family

gozi

Botnet

3493

C2

google.com

gmail.com

lsammietf53.com

p28u70webster.com

ploi7260m71.com

Attributes

build
214098
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com

ru

org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  f99dd97126089a4dc1e1e586f4e202dd_JaffaCakes118
- Size
  
  1.8MB
- MD5
  
  f99dd97126089a4dc1e1e586f4e202dd
- SHA1
  
  407f3759f208d38377fdc29fad2dac9a2b5c6d21
- SHA256
  
  0034e3c675681f6b681a082b90d892274646cadd3165755ba47b14b04d8687a5
- SHA512
  
  a0a85275c3a4dba098bd5b3dacd18cc699039ac608606302a5fdbbac3ecee87a39bbceee4915e853233f10224fa20fcceec3eac5ac4c4d438ad75b830c6a07d9
- SSDEEP
  
  49152:wK+Hl4vGdpSL5ktmiMb6eMxbqgu+uZtn7SNp7bd4r54pHduC:j+Hl4vEpbtmiMb6ehgu+uZtn2H7bd4r2
Score

10^/10

gozi banker discovery isfb trojan 3493
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2