gozi_ifsb | 278d40dc4e9144a9153d016a417713af54d51162075403ead29cf5aab269bf22 | Triage

Sharing

General

Target

2020-07-09-Ursnif-DLL-example-06-of-10.bin
Size

243KB
Sample

200711-q2jv39s9h6
MD5

7e33844b52394e59e8497d087a31b6dc
SHA1

115471e72dcf93e3ba625580e58ab6ebc6df06f0
SHA256

278d40dc4e9144a9153d016a417713af54d51162075403ead29cf5aab269bf22
SHA512

209860abb26f48da86bfbc493e5f3699a9c51f2dfcbc6443b26e9dd6532be5c577ed2065436427ff4299e7fc8312ec9938f23177db844415b582348bd4e7abbc

Score

10^/10

gozi_ifsb banker trojan

Malware Config

Targets

- Target
  
  2020-07-09-Ursnif-DLL-example-06-of-10.bin
- Size
  
  243KB
- MD5
  
  7e33844b52394e59e8497d087a31b6dc
- SHA1
  
  115471e72dcf93e3ba625580e58ab6ebc6df06f0
- SHA256
  
  278d40dc4e9144a9153d016a417713af54d51162075403ead29cf5aab269bf22
- SHA512
  
  209860abb26f48da86bfbc493e5f3699a9c51f2dfcbc6443b26e9dd6532be5c577ed2065436427ff4299e7fc8312ec9938f23177db844415b582348bd4e7abbc
Score

10^/10

banker trojan gozi_ifsb
- Gozi, Gozi IFSB
  Gozi ISFB is a well-known and widely distributed banking trojan.
  banker trojan gozi_ifsb
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

bankertrojangozi_ifsb