gozi

General

Target

2025-02-22_763e253ea36530b8209a104a39b6e685_icedid
Size

613KB
Sample

250222-pkfblsxqw3
MD5

763e253ea36530b8209a104a39b6e685
SHA1

2473f962fbf9732980e69c46bb28e60037aa28a8
SHA256

5ecc261daaeff24273d1ab2914b1eb2d4386c5d5ad40d7a934fec816237ec641
SHA512

12e6d73ec045aa6552365c94b78f4105fe295b0bf1b4d9adf79946cf21a758ac2a59ff8ad3e44a5b71e26c4a4caa845a77435d3dfa515c266fd0ed9c6b7c0a13
SSDEEP

12288:9Q+6Ii6F0WIxH9OijnA2cEMAPCeTA3CO6OpIR99g9ssdHPCHqKRgJBUM9Q3M2:u+6t6FeH8ijnA2cEfCLCnOpgNRgJBn9G

Score

10^/10

Malware Config

Extracted

Family

gozi

Attributes

build
214098

Extracted

Family

gozi

Botnet

3494

C2

google.com

gmail.com

z72aoe50.com

tarneps.top

wxts86squom.com

Attributes

build
214098
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com

ru

org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  2025-02-22_763e253ea36530b8209a104a39b6e685_icedid
- Size
  
  613KB
- MD5
  
  763e253ea36530b8209a104a39b6e685
- SHA1
  
  2473f962fbf9732980e69c46bb28e60037aa28a8
- SHA256
  
  5ecc261daaeff24273d1ab2914b1eb2d4386c5d5ad40d7a934fec816237ec641
- SHA512
  
  12e6d73ec045aa6552365c94b78f4105fe295b0bf1b4d9adf79946cf21a758ac2a59ff8ad3e44a5b71e26c4a4caa845a77435d3dfa515c266fd0ed9c6b7c0a13
- SSDEEP
  
  12288:9Q+6Ii6F0WIxH9OijnA2cEMAPCeTA3CO6OpIR99g9ssdHPCHqKRgJBUM9Q3M2:u+6t6FeH8ijnA2cEfCLCnOpgNRgJBn9G
Score

10^/10

gozi 3494 banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Gozi family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2