gozi | 027d0c6926829a840b414cd9aa64e9a2a28396784704c50895162df5de376442 | Triage

Submit
Reports

Overview

overview

Static

static

LoadPEdll.dll

windows10-2004-x64

Sharing

General

Target

LoadPEdll.dll
Size

66KB
Sample

241125-zbzzrsvlhz
MD5

d866f6a584ca2a8a02168b4f5230ef6d
SHA1

a5f148435689395bf37fe168b1026ba45da12332
SHA256

027d0c6926829a840b414cd9aa64e9a2a28396784704c50895162df5de376442
SHA512

613ef26520ef8aaf7b0d8c2de3a4b78d3592f8ee7de5ed74c2b76eebd53b24756e7b3fa6124c991541a286abff4efbb5539a0f97d823d000a39f69ebcb933690
SSDEEP

1536:ApPtsWcKyFML+2YIf5YdDn/qGU1jDi3p:IcKYM5n5eqGU13y

Score

10^/10

gozi 1000 banker ldr4 trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

LoadPEdll.dll

Resource

win10v2004-20241007-en

gozi 1000 banker ldr4 trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1000

C2

https://budalixt.top

Attributes

host_keep_time
2
host_shift_time
1
idle_time
1
request_time
10

aes.plain

Targets

- Target
  
  LoadPEdll.dll
- Size
  
  66KB
- MD5
  
  d866f6a584ca2a8a02168b4f5230ef6d
- SHA1
  
  a5f148435689395bf37fe168b1026ba45da12332
- SHA256
  
  027d0c6926829a840b414cd9aa64e9a2a28396784704c50895162df5de376442
- SHA512
  
  613ef26520ef8aaf7b0d8c2de3a4b78d3592f8ee7de5ed74c2b76eebd53b24756e7b3fa6124c991541a286abff4efbb5539a0f97d823d000a39f69ebcb933690
- SSDEEP
  
  1536:ApPtsWcKyFML+2YIf5YdDn/qGU1jDi3p:IcKYM5n5eqGU13y
Score

10^/10

gozi 1000 banker ldr4 trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

gozi1000bankerldr4trojan

© 2018-2025

Terms | Privacy