We see you, Gozi
Tags
| country: | Russia |
| maec-delivery-vectors: | Watering Hole |
| attack-pattern: | Credentials - T1589.001 Keylogging - T1056.001 Keylogging - T1417.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 |
Common Information
| Type | Value |
|---|---|
| UUID | 56d1c773-6528-4eda-bee4-258ec2aa0596 |
| Fingerprint | 9ab134c9efdb9ad0 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | June 24, 2022, midnight |
| Added to db | Aug. 31, 2024, 1 a.m. |
| Last updated | Oct. 29, 2024, 11:32 a.m. |
| Headline | We see you, Gozi |
| Title | We see you, Gozi |
| Detected Hints/Tags/Attributes | 45/3/22 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://blog.group-ib.com/gozi-latest-ttps |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 36 | ✔ | Blog Group-IB | https://blog.group-ib.com/rss.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 3 | tiny.one |
|
| Details | Domain | 1 | update.zonealarm.com |
|
| Details | Domain | 1 | iiso.in |
|
| Details | File | 1 | traktor.exe |
|
| Details | File | 156 | 1.exe |
|
| Details | File | 1 | wiztree_4_08_setup_4_qfmhjhgh.bmp |
|
| Details | File | 1 | deocqpqvayitfaqvcfovoryc.dll |
|
| Details | md5 | 1 | A0BB2D133B174436A9D4CCE527FB78D7 |
|
| Details | md5 | 1 | 63fdefb66fd14dc92a7d1f773d6f619b |
|
| Details | md5 | 1 | 2B348E0106F20C14615212D7EFF0DB88 |
|
| Details | md5 | 1 | 1C847FED91BA95A65FF0160757C5B187 |
|
| Details | md5 | 1 | D3D4B79106465363155A3F4F6C1A5E05 |
|
| Details | sha1 | 1 | 8e72e0115e01f32a2f72d1f31c3e641c6b66ab45 |
|
| Details | sha1 | 1 | 0a96e7edc7a7e4b805f29691a0d39e21453f9eb0 |
|
| Details | sha1 | 1 | 4dcd93a1cfd7f630c5fe71f5b31b298582b8bd39 |
|
| Details | sha1 | 1 | 17ca3fa3bec22507798b5b21906559134f4cd3aa |
|
| Details | sha1 | 1 | 9e978ad8c58fbbe59b470e26709687023161a5b8 |
|
| Details | sha256 | 1 | 904ca32cb62dc94b61092f80fa78c5bc97d0a5394fa03438aeec85ed87ab763e |
|
| Details | sha256 | 1 | 360703b2b2c324dde72dcd0651251c9e882e245c22d6b7e8c3163ed34ddb62b9 |
|
| Details | sha256 | 1 | 90660936cb65e0f929f32615ef400e0d0f80232f7f2003778c27e28b84468666 |
|
| Details | sha256 | 1 | 3ef96cfb78cb553943ce591c985fdc793d2acf342a536b90d0f9ef72bdb15ecd |
|
| Details | sha256 | 1 | 011f6f038b1398c03ae15d3cb81412d32ad0ad554dfbb5d38fae78577fb2b777 |