gozi

General

Target

058d1a8bce641c7ec149a1ffc71611b45d72dc3493d5ddf29eece71e4d9c6d84
Size

173KB
Sample

241219-yc5qzaxrbt
MD5

b2e77c322bfb16845c90c5a1ada5dc9d
SHA1

696993009f0c8737c5c04445a59696ca0ca5742f
SHA256

058d1a8bce641c7ec149a1ffc71611b45d72dc3493d5ddf29eece71e4d9c6d84
SHA512

39e76a90aad55e0f5e752bbce1dfce817f60a3173bff193e490994f6fb80ec6ae0f8ef32ef128ff98505570b508f797df099f3a504a2d735a4c7a627ddf49110
SSDEEP

3072:o3QwHHZekLlcbo6xjfIWFymNdlRJs7KkRf+1mU39CLHm7UU:4pEsqDIjmNdjJs7Dfc9Cgb

Score

10^/10

Malware Config

Extracted

Family

gozi

Attributes

build
214085

Extracted

Family

gozi

Botnet

3490

C2

google.com

gmail.com

wngtdpablo.com

hclement28.com

d33ounorbertoui.top

Attributes

build
214085
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com

ru

org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  058d1a8bce641c7ec149a1ffc71611b45d72dc3493d5ddf29eece71e4d9c6d84
- Size
  
  173KB
- MD5
  
  b2e77c322bfb16845c90c5a1ada5dc9d
- SHA1
  
  696993009f0c8737c5c04445a59696ca0ca5742f
- SHA256
  
  058d1a8bce641c7ec149a1ffc71611b45d72dc3493d5ddf29eece71e4d9c6d84
- SHA512
  
  39e76a90aad55e0f5e752bbce1dfce817f60a3173bff193e490994f6fb80ec6ae0f8ef32ef128ff98505570b508f797df099f3a504a2d735a4c7a627ddf49110
- SSDEEP
  
  3072:o3QwHHZekLlcbo6xjfIWFymNdlRJs7KkRf+1mU39CLHm7UU:4pEsqDIjmNdjJs7Dfc9Cgb
Score

10^/10

gozi 3490 banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Gozi family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2