gozi | 5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e | Triage

Submit
Reports

Overview

overview

Static

static

5592f7cd87...5e.exe

windows7-x64

1

5592f7cd87...5e.exe

windows10-2004-x64

1

Sharing

General

Target

5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e
Size

344KB
Sample

240624-k37rcsvbpf
MD5

b49d5aa9929e401eac02d9c10ec17b17
SHA1

ee0d9a91f52de9b74b8de36e25c2de91d008cee5
SHA256

5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e
SHA512

7ee8260cf4ebd4875f0718652e80fae4b64c57f84cb60736998a6d59bf0131e862b00362ce9b7efbcd4732ce8d749176c8a74e816511b7b86a39c07b0d7293f0
SSDEEP

6144:1ULalLLjn9myvyirAmyl+XO5gGVE2c378vVjk6KdfNj7cW1pAIB:HlLX9myvya3HEzKL82dfiWpAIB

Score

10^/10

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e.exe

Resource

win7-20231129-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

gozi

Extracted

Family

gozi

Botnet

1000

C2

bonkacho.com

ihakispamhous.ru

gazuralnews.ru

gazitivaton.ru

Attributes

build
204439
exe_type
worker
server_id
12

rsa_pubkey.plain

serpent.plain

Targets

- Target
  
  5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e
- Size
  
  344KB
- MD5
  
  b49d5aa9929e401eac02d9c10ec17b17
- SHA1
  
  ee0d9a91f52de9b74b8de36e25c2de91d008cee5
- SHA256
  
  5592f7cd87be75bbe942ebe124ab5e3b9c3e79c3ba6e2c1a5d3806507b9a365e
- SHA512
  
  7ee8260cf4ebd4875f0718652e80fae4b64c57f84cb60736998a6d59bf0131e862b00362ce9b7efbcd4732ce8d749176c8a74e816511b7b86a39c07b0d7293f0
- SSDEEP
  
  6144:1ULalLLjn9myvyirAmyl+XO5gGVE2c378vVjk6KdfNj7cW1pAIB:HlLX9myvya3HEzKL82dfiWpAIB
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy