General

  • Target: JaffaCakes118_09df7dedf59f5f800e844c418400167f34d3d964db93144788c1ca206826f5e7
  • Size: 131KB
  • Sample: 241223-3f3s1avlhy
  • MD5: 8a518b6af88f7a8e48b5a9a568ad68fb
  • SHA1: 0e4287ff30342fbb3ab2adcb7484a4d15b13bc4d
  • SHA256: 09df7dedf59f5f800e844c418400167f34d3d964db93144788c1ca206826f5e7
  • SHA512: 65d849f5814636df163809ce54c4b1905f36e6ce8983e08870b711a17bcec04a54ac392ff26d388d28b60dd07d1f74d51e93d66c95cd84ebe024aa8899de6a71
  • SSDEEP: 3072:cQlG4VYu8hfo/YPYbI1CxDNrnDASR1ZcIRqrpcWCJE:ci+R3P71YhrD/R1ZLApX4E

Malware Config

Extracted

  • Family: gozi

Extracted

  • Family: gozi
  • Botnet: 4355
  • C2:
      updates.microsoft.com
      kraulerrrblast.xyz
      drazbargura.xyz
  • Attributes:
      • base_path: /bootstrap/
      • build: 250186
      • dga_season: 10
      • exe_type: loader
      • extension: .gre
      • server_id: 12
  • rsa_pubkey.plain
  • serpent.plain

Targets

  • Target: cecc7c45b526be846e68a05775a05ec1809342b0dc225fd4335ae252e07cd200
  • Size: 208KB
  • MD5: ade30d11d454af76797f4aaa943ebf3e
  • SHA1: ba30c052347bf01b903559c92e350361f4f4723e
  • SHA256: cecc7c45b526be846e68a05775a05ec1809342b0dc225fd4335ae252e07cd200
  • SHA512: a139ae4c0695005d55c669159c2003b0738b117e39543e7c04f39460c854c4b23898609a4354f4ada228166455499c7311f36ecce4c8aad29ab0f8d0e039eaa2
  • SSDEEP: 3072:yVWk6Kci29OX/ux2YReCdqBlCD6PR9XaTGyyG2Q3C4A5Qq7JV17tJ1KmjHJ:yr6nO2xyC0K259qTx2Qy4AbOi

MITRE ATT&CK Enterprise v15

Tasks