gozi | c45c6faa94764a703ef64098046ffbb24eebd81bc360f31f441b884a8cddae5f | Triage

Sharing

General

Target

826e27ebe4950a57b944757673b9a93a_JaffaCakes118
Size

481KB
Sample

241031-j842zswlgl
MD5

826e27ebe4950a57b944757673b9a93a
SHA1

2fb95c18197d28fa2f06256320db4b277e126671
SHA256

c45c6faa94764a703ef64098046ffbb24eebd81bc360f31f441b884a8cddae5f
SHA512

07a6634a640336eee87b9592d5bc3255ab806c46a47c7155c75f0689a2c32184e74ea177741e5af2335f5e08fe8568eac2dcd0c8397d34302085c21f9d832b0a
SSDEEP

6144:5V6cQ5JWuSGbFMmNMiYrA9JnAURrQS4e25BbUV7TXSwtiYRhicrBn25ywXCu16AB:5VGJHd5MKbfrme25BAvsYOJywyu8wXQ

Score

10^/10

gozi 8877 banker discovery isfb trojan

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

8877

C2

outlook.com

boyuleruner.online

coyuleruner.online

Attributes

base_path
/tragli/
build
250207
dga_season
10
exe_type
loader
extension
.brw
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  826e27ebe4950a57b944757673b9a93a_JaffaCakes118
- Size
  
  481KB
- MD5
  
  826e27ebe4950a57b944757673b9a93a
- SHA1
  
  2fb95c18197d28fa2f06256320db4b277e126671
- SHA256
  
  c45c6faa94764a703ef64098046ffbb24eebd81bc360f31f441b884a8cddae5f
- SHA512
  
  07a6634a640336eee87b9592d5bc3255ab806c46a47c7155c75f0689a2c32184e74ea177741e5af2335f5e08fe8568eac2dcd0c8397d34302085c21f9d832b0a
- SSDEEP
  
  6144:5V6cQ5JWuSGbFMmNMiYrA9JnAURrQS4e25BbUV7TXSwtiYRhicrBn25ywXCu16AB:5VGJHd5MKbfrme25BAvsYOJywyu8wXQ
Score

10^/10

gozi 8877 banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

gozi8877bankerdiscoveryisfbtrojan

behavioral2

gozi8877bankerdiscoveryisfbtrojan