gozi

General

Target

ec61dbd2c4cb2fe849dbc1f015ccd5590e985eb9749a2c64ffc7728d94f66d6b
Size

240KB
Sample

250224-j1bqgatjy3
MD5

2538b52d65bf2c4ba03cd8a44a423a48
SHA1

1825c5ebec68177928ee326f38c36be2bb8a5b95
SHA256

ec61dbd2c4cb2fe849dbc1f015ccd5590e985eb9749a2c64ffc7728d94f66d6b
SHA512

97a46ec0bf19a02d79b5694fe835ad78f53af3b3e1a1d44491dc9dbfe73244618d156f0dfdacf219d83a14bbb97491228fc7acf82691af283ed366a9d29408fa
SSDEEP

6144:/v/aTfyzleL+RYuArtKnq3kPDmVLmQpHQOmsW:3/aepe+YuQtKnq3kPDmVLm6wOFW

Score

10^/10

Malware Config

Extracted

Family

gozi

Attributes

build
214098

Extracted

Family

gozi

Botnet

3503

C2

google.com

gmail.com

dbxmalachi.com

slowellalden.com

vkeenan86oo.com

Attributes

build
214098
dga_base_url
constitution.org/usdeclar.txt
dga_crc
0x4eb7d2ca
dga_season
10
dga_tlds
com

ru

org
exe_type
loader
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  ec61dbd2c4cb2fe849dbc1f015ccd5590e985eb9749a2c64ffc7728d94f66d6b
- Size
  
  240KB
- MD5
  
  2538b52d65bf2c4ba03cd8a44a423a48
- SHA1
  
  1825c5ebec68177928ee326f38c36be2bb8a5b95
- SHA256
  
  ec61dbd2c4cb2fe849dbc1f015ccd5590e985eb9749a2c64ffc7728d94f66d6b
- SHA512
  
  97a46ec0bf19a02d79b5694fe835ad78f53af3b3e1a1d44491dc9dbfe73244618d156f0dfdacf219d83a14bbb97491228fc7acf82691af283ed366a9d29408fa
- SSDEEP
  
  6144:/v/aTfyzleL+RYuArtKnq3kPDmVLmQpHQOmsW:3/aepe+YuQtKnq3kPDmVLm6wOFW
Score

10^/10

gozi 3503 banker discovery isfb trojan
- Gozi
  Gozi is a well-known and widely distributed banking trojan.
  banker trojan gozi
- Gozi family
  gozi
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Targets

Gozi family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2